Use Vault k/v secrets to retrieve ssh keys and connect to a server

Hi all.
we have Vault, at moment for testing purposes, and I stored in k/v secrets, a ssh private key and the ssh config to login onto some servers.
How can I use vault, as CLI, to retrieve the priv ssh key and then connect to a server automatically from a terminal?


Hi @alfredodeluca,

I’d rather recommend to use Vault’s SSH backend to manage access, this gives you fine grained control:

Here is also a good presentation on that subject:

Thanks @fhemberger
The problem is that the vault ssh dynamic keys are deprecated and, at the moment, I want to create something for the servers already deployed.


Probably the best way is to use signed certificates, so you can always revoke access for single users.


ok thanks. I ll give it a try but still I need to change conf on all the servers.

Thanks anyway