Skip to content

Instantly share code, notes, and snippets.

View kawsark's full-sized avatar
💭
Learning K8S from schoolofdevops

Kawsar Kamal kawsark

💭
Learning K8S from schoolofdevops
32 followers · 2 following
View GitHub Profile
@kawsark
kawsark / Vault-ssh-ca-README.md
Created March 28, 2019 16:12
A guide for configuring Vault's SSH-CA

SSH CA use-case with Vault

In this scenario we are going to set up Vault to sign SSH keys using an internal CA. We will configure the SSH secrets engine and create a CA within Vault. We will then configure an SSH server to trust the CA key we just created. Finally we will attempt to SSH using a private key, and a public key signed by Vault SSH CA.

Prerequisites

  • This guide assumes you have already provisioned a Vault server, SSH host using OpenSSH server, and a SSH client machine.
  • The client system must be able to reach the Vault server and the OpenSSH server.
  • We will refer to these systems respectively as:
  • VAULT_SERVER
@kawsark
kawsark / vault
Last active March 5, 2019 08:00 — forked from yunano/vault
/etc/init.d/vault for CentOS 6
#!/bin/sh
#
# vault - this script manages the vault server
#
# chkconfig: 345 96 04
# processname: vault
### BEGIN INIT INFO
# Provides: vault
# Required-Start: $local_fs $network
@kawsark
kawsark / consul
Last active October 11, 2022 14:13 — forked from yunano/consul
/etc/init.d/consul for CentOS 6
#!/bin/sh
#
# consul - this script manages the consul agent
#
# chkconfig: 345 95 05
# processname: consul
### BEGIN INIT INFO
# Provides: consul
# Required-Start: $local_fs $network
@kawsark
kawsark / keybase.md
Created June 19, 2018 21:31

Keybase proof

I hereby claim:

  • I am kawsark on github.
  • I am kawsar (https://keybase.io/kawsar) on keybase.
  • I have a public key ASC40CV4CtjmbLI4VF9dL6Xr6YAb1G3pbJNnDOsgKcb8Ewo

To claim this, I am signing this object: