Re: PPKs stored in Azure Key Vault
@olinton: Thanks for sharing this.
Set-AzKeyVaultSecret -VaultName my-key-vault-name -Name SshPrivateKey -SecretValue (ConvertTo-SecureString (Get-Content ./SshPrivateKey.ppk -Raw) -force -AsPlainText)
SshPrivateKey
and access it using standard Key Vault libraries:
static string GetSecretFromKeyVault(string secretName)
{
    var keyVaultUrl = "https://mykeyvault.vault.azure.net/";
    var client = new SecretClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
    KeyVaultSecret secret = client.GetSecret(secretName);
    return secret.Value;
}
...
string SshPrivateKey = GetSecretFromKeyVault("SshPrivateKey");
...
SessionOptions sessionOptions = new SessionOptions
{
    ...
    SshPrivateKey = SshPrivateKey,
    ...
};
@ prefixing. No hex encoding. That's needed in scripting only. In .NET assembly, just pass the contents of your key file to SessionOptions.SshPrivateKey as it is, as @randallg has shown. No special encoding.
sessionOptions.SshPrivateKeyPath = @"C:\path\key.ppk"
sessionOptions.SshPrivateKey = File.ReadAllText(@"C:\path\key.ppk")
PuTTY-User-Key-File-2: ssh-rsa
Encryption: none
Comment: rsa-key-20200928
Public-Lines: 6
AAAAB3NzaC1yc2EAAAABJQAAAQEAtLcfmQXeqb3Bk5dNoKAQ1gvZScMnrbGkRvsJ
... more lines like the above
void open()
{
    if (session != null) return;
    string key;
    using (Stream keystream = Assembly.GetExecutingAssembly().GetManifestResourceStream(StockwatchPpkResource)) {
        key = new StreamReader(keystream).ReadToEnd();
    }
    session = new Session {
        DisableVersionCheck = true
    };
    SessionOptions sessionOptions = new SessionOptions {
        Protocol = Protocol.Sftp,
        HostName = StockwatchHost,
        UserName = StockwatchUser,
        SshHostKeyFingerprint = StockwatchSshHostKeyFingerprint,
        SshPrivateKey = key
    };
    session.Open(sessionOptions);
}
@
, but every time getting the same error. While through file it is working fine.
void open()
{
    // Write the embedded key to a uniquely named temporary file and pass its path.
    string keyfile = Path.GetTempPath() + Guid.NewGuid().ToString() + ".ppk";
    try {
        using (var keystream = Assembly.GetExecutingAssembly().GetManifestResourceStream(StockwatchPpkResource)) {
            Util.SlopFile(keyfile, new StreamReader(keystream));
        }
        session = new Session();
        session.DisableVersionCheck = true;
        SessionOptions sessionOptions = new SessionOptions {
            Protocol = Protocol.Sftp,
            ... other stuff
            SshPrivateKeyPath = keyfile,
        };
        session.Open(sessionOptions);
    }
    finally {
        // Delete the key file even when Open throws, so the private key is not left on disk.
        File.Delete(keyfile);
    }
}
SshPrivateKeyPath in the SessionOptions.
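An added example, not code from any poster in this thread or from WinSCP: a structural check on the text fetched from Key Vault before it is assigned to SessionOptions.SshPrivateKey, based on the PPK layout quoted above. PpkCheck and Validate are hypothetical names, and the required-field list assumes a PPK version 2 or 3 file; the check reports problems only and never prints key material.

```csharp
using System;
using System.Collections.Generic;

static class PpkCheck
{
    // Returns structural problems; an empty list means the text is shaped like a PPK file.
    public static List<string> Validate(string ppk)
    {
        var problems = new List<string>();
        if (string.IsNullOrEmpty(ppk)) { problems.Add("secret is empty"); return problems; }

        // Accept both CRLF and LF line endings, ignore a trailing newline.
        string[] lines = ppk.Replace("\r\n", "\n").TrimEnd('\n').Split('\n');
        if (!lines[0].StartsWith("PuTTY-User-Key-File-", StringComparison.Ordinal))
            problems.Add("first line is not a PuTTY-User-Key-File header");
        if (lines.Length < 4)
            problems.Add("only " + lines.Length + " line(s): line breaks were probably lost in storage");

        // Fields present in PPK v2 and v3 files (assumption stated in the lead-in).
        foreach (string field in new[] { "Public-Lines: ", "Private-Lines: ", "Private-MAC: " })
            if (!Array.Exists(lines, l => l.StartsWith(field, StringComparison.Ordinal)))
                problems.Add("missing field " + field.Trim());

        // Each *-Lines field announces how many base64 lines must follow it.
        for (int i = 0; i < lines.Length; i++)
            foreach (string field in new[] { "Public-Lines: ", "Private-Lines: " })
            {
                if (!lines[i].StartsWith(field, StringComparison.Ordinal)) continue;
                int count;
                if (!int.TryParse(lines[i].Substring(field.Length), out count) || count < 1)
                    problems.Add(field.Trim() + " has no valid count");
                else if (i + count >= lines.Length)
                    problems.Add(field.Trim() + " announces " + count + " lines but the text ends early");
            }
        return problems;
    }

    static void Main()
    {
        // Constructed sample: the header fields from the thread, flattened onto one line
        // the way a multi-line secret looks after its line breaks have been stripped.
        string flattened = "PuTTY-User-Key-File-2: ssh-rsa Encryption: none "
                         + "Comment: rsa-key-20200928 Public-Lines: 6";
        foreach (string p in Validate(flattened)) Console.WriteLine("problem: " + p);
    }
}
```

Running Validate on the value returned by GetSecretFromKeyVault before opening the session separates a secret that was mangled when it was stored from a genuine authentication failure.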