Ssh – Putting RSA keys into azure key vault

automationazuregitsshssh-keys

How can I store my key pair (typically the id_rsa and id_rsa.pub) in azure key vault.
I want to put the public key in my GIT service and allow a virtual machine to download the private key from Azure key vault -> So that it can access GIT securely.

I tried making a pair of PEM files and combining them into a pfx and uploading that as a secret bu the file I get back appears to be completely different to either pem file.

I also tried manually inputting my secret key into Azure but it turns the newlines into spaces.

Best Answer

You could use Azure CLI to upload id_rsa to Azure Key Vault.

azure keyvault secret set --name shui --vault-name shui --file ~/.ssh/id_rsa

You could use -h to get help.

--file <file-name>                 the file that contains the secret value to be uploaded; cannot be used along with the --value or --json-value flag

You could also download secret from key vault.

az keyvault secret download --name shui --vault-name shui --file ~/.ssh/id_rsa

I compare the keys on my lab. They are same.

For Git Bash

If you are running msysgit (I am assuming you are) and are looking to run Git Bash (I recommend it over TortoiseGit, but I lean to the CLI more than GUI now), you need to figure out what your home directory is for Git Bash by starting it then type pwd (On Windows 7, it will be something like C:\Users\phsr I think). While you're in Git Bash, you should mkdir .ssh.

After you have the home directory, and a .ssh folder under that, you want to open PuTTYgen and open the key (.ppk file) you have previously created. Once your key is open, you want to select Conversions -> Export OpenSSH key and save it to HOME\.ssh\id_rsa. After you have the key at that location, Git Bash will recognize the key and use it.

Note: Comments indicate that this doesn't work in all cases. You may need to copy the OpenSSH key to Program Files\Git\.ssh\id_rsa (or Program Files (x86)\Git\.ssh\id_rsa).

For TortoiseGit

When using TortoiseGit, you need to set the SSH key via pacey's directions. You need to do that for every repository you are using TortoiseGit with.

SSH Keys – Add Correct Host Key in Known Hosts for Multiple SSH Host Keys

get the rsa key of your server, where server_ip is your server's IP address, such as 192.168.2.1:

$ ssh-keyscan -t rsa server_ip

Sample response:

# server_ip SSH-2.0-OpenSSH_4.3
server_ip ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwH5EXZG...

and on the client, copy the entire response line server_ip ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwH5EXZG..., and add this key to the bottom of your ~/.ssh/known_hosts file:

server_ip ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqx9m529...(the offending key, and/or the very bottom of the `known_hosts` file)
server_ip ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwH5EXZG... (line you're adding, copied and pasted from above)

Best Answer

Related Solutions

Git for Windows – How to Tell Git Where to Find Private RSA Key

For Git Bash

For TortoiseGit

SSH Keys – Add Correct Host Key in Known Hosts for Multiple SSH Host Keys

Related Topic