I've referred to this forum and this post multiple times recently in support of an Azure function I've been working on and just wanted to add a resource which I found helpful for storing .ppk files in an Azure Key Vault. From what I understand, manually adding the plaintext value of the .ppk to the key vault messes up the formatting, so it has to be done programmatically, which I did using Azure CLI, as follows:
    Set-AzKeyVaultSecret -VaultName my-key-vault-name -Name SshPrivateKey -SecretValue (ConvertTo-SecureString (Get-Content ./SshPrivateKey.ppk -Raw) -force -AsPlainText)
I adapted that snippet from the reference below, adding my .ppk file with the name SshPrivateKey, and access it using standard Key Vault libraries:
    using System;
    using Azure.Identity;
    using Azure.Security.KeyVault.Secrets;

    // Reads the current value of a secret, authenticating with DefaultAzureCredential
    static string GetSecretFromKeyVault(string secretName)
    {
        var keyVaultUrl = "https://mykeyvault.vault.azure.net/";
        var client = new SecretClient(new Uri(keyVaultUrl), new DefaultAzureCredential());
        KeyVaultSecret secret = client.GetSecret(secretName);
        return secret.Value;
    }
    ...
    string SshPrivateKey = GetSecretFromKeyVault("SshPrivateKey");
    ...
    SessionOptions sessionOptions = new SessionOptions
    {
        ...
        SshPrivateKey = SshPrivateKey,
        ...
    };
Hopefully that's helpful for anyone else that needs to figure this out in the future.
Ref:
Storing SSH & PGP Keys in Azure Key Vault – BrownBot
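
A structural check that could be run on the value returned by GetSecretFromKeyVault before it is assigned to SessionOptions.SshPrivateKey, to catch a secret whose line breaks were lost on the way into the vault. This is an added example, not part of the original post; the PpkCheck class is hypothetical, the sample key text is constructed placeholder data, and only the file layout is checked (the Private-MAC is not verified).

```csharp
using System;
using System.Text.RegularExpressions;

static class PpkCheck
{
    // Returns null when the text has the line structure of a PuTTY .ppk file
    // (format 2 or 3), otherwise a short reason why it does not.
    public static string Validate(string ppk)
    {
        if (string.IsNullOrWhiteSpace(ppk)) return "secret is empty";
        string[] lines = ppk.Replace("\r\n", "\n").TrimEnd('\n').Split('\n');
        if (!Regex.IsMatch(lines[0], @"^PuTTY-User-Key-File-[23]: \S+$"))
            return "first line is not a PuTTY-User-Key-File header (line breaks lost?)";
        int i = 1;
        foreach (string section in new[] { "Public-Lines", "Private-Lines" })
        {
            // Skip other headers (Encryption, Comment, Argon2-* in format 3).
            while (i < lines.Length && !lines[i].StartsWith(section + ": ", StringComparison.Ordinal)) i++;
            if (i == lines.Length) return "missing " + section + " header";
            if (!int.TryParse(lines[i].Substring(section.Length + 2), out int count) || count < 1)
                return "bad " + section + " count";
            i++;
            if (i + count > lines.Length) return section + " block is truncated";
            for (int end = i + count; i < end; i++)
                if (!Regex.IsMatch(lines[i], @"^[A-Za-z0-9+/]+={0,2}$"))
                    return "non-base64 data in " + section + " block";
        }
        if (i != lines.Length - 1 || !Regex.IsMatch(lines[i], @"^Private-MAC: [0-9a-fA-F]+$"))
            return "Private-MAC is not the final line";
        return null;
    }

    static void Main()
    {
        // Constructed sample with placeholder data; not a usable key.
        string sample = string.Join("\n",
            "PuTTY-User-Key-File-2: ssh-rsa", "Encryption: none", "Comment: constructed-sample",
            "Public-Lines: 2", "QUFBQUFBQUFBQUFB", "QkJCQkJCQkI=",
            "Private-Lines: 1", "Q0NDQ0NDQ0M=",
            "Private-MAC: 00112233445566778899aabbccddeeff00112233") + "\n";
        Console.WriteLine(Validate(sample) ?? "ok");
        // Same text after a single-line paste turned the line breaks into spaces.
        Console.WriteLine(Validate(sample.Replace("\n", " ")) ?? "ok");
    }
}
```

Failing fast on a non-null result gives a clear error at startup instead of an authentication failure later, and the returned reason never contains key material, so it is safe to log.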