Dazzle Quality Handbook.
SSH access.
SSH access to our infrastructure is possible via Vault-signed keys. First you need to install the Vault client on your local machine.
Official documentation:
developer.hashicorp.com/vault/tutorials/getting-started/getting-started-install
Vault client Linux installation.
sudo apt update && sudo apt install gpg
wget -O- https://apt.releases.hashicorp.com/gpg | gpg –dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null
gpg –no-default-keyring –keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg –fingerprint
echo “deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main” | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install vault
cat <<EOF >> ~/.bashrc
complete -C /usr/bin/vault vault
export VAULT_ADDR=’https://vault.dazzle.be’
EOF
Vault client MacOS installation.
brew tap hashicorp/tap
cat <<EOF >> ~/.zshrc
complete -C /opt/homebrew/bin/vault vault
export VAULT_ADDR=’https://vault.dazzle.be’
EOF
Create an SSH key type ed25519.
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_dazzle
SSH as user (developer).
vault login -method=oidc
vault write -field=signed_key ssh-client-signer/sign/manager valid_principals=dazzle_user public_key=@$HOME/.ssh/id_ed25519_dazzle.pub > signed-cert.pub
ssh -i signed-cert.pub -i ~/.ssh/id_ed25519_dazzle dazzle_user@hostname
Next
CPanel access >