DEV Community 👩‍💻👨‍💻

Frederick Ollinger
Frederick Ollinger

Posted on

Put an SSH Key into Hashicorp Vault

This article assumes that you have set up a minimum vault: https://dev.to/frederickollinger/production-hashicorp-vault-minimal-configuration-485a

What is a Secrets Engine

A secrets engine is a place to keep secrets. There are a number secrets backend for various reasons. For example, there is a backend for SSL certificates and one of SSH certificates.

Enable the SSH Secrets Engine

This is a one time operation that the admin must do when setting up a new Vault instance:

vault secrets enable ssh
Enter fullscreen mode Exit fullscreen mode

Put Existing SSH Key into Vault

Assuming we have an ssh key named fileserver.pem, put it into the vault like so:

vault write ssh/keys/fileserver key=@fileserver.pem
Enter fullscreen mode Exit fullscreen mode

Fin

That's all that's needed to get a key into Vault.

Sometimes things are easier than we imagine if we only have a good guide.

Top comments (0)

🌚 Life is too short to browse without dark mode