A tool for safely archiving knot dnssec key material to azure.
Project description
knot-keystore
A tool to safely backup the knot kasp-db directory.
overview
usage: knot-keystore [-h] [--socket SOCKET] [--plugin {local,azure}]
[--config-file CONFIG_FILE] [-v]
optional arguments:
-h, --help show this help message and exit
--socket SOCKET, -s SOCKET
path to knotc control socket
--plugin {local,azure}, -p {local,azure}
select archival plugin
--config-file CONFIG_FILE, -c CONFIG_FILE
path to a configuration file
-v increase output verbosity
- tries to find the kasp-db path by reading
knotd
config over the control socket. - plugins create an xz-compressed archive and put it somewhere safe.
plugins
local
: create an encrypted copy of the archive and write it to disk along with the encryption key. Mostly useful for testing.azure
: write the archive to an Azure storage blob, first encrypting it using "client-side-encryption" with a KEK stored in Azure Key Vault.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
knot_keystore-0.1.0a1.tar.gz
(8.7 kB
view hashes)
Built Distribution
Close
Hashes for knot_keystore-0.1.0a1-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 40d7d686e3a5eb6fbab8d055a97c37c753287a669922672059201e86e4a7d8da |
|
MD5 | 12ef7706f4ed3ef18f3cf4bab3ed3c4a |
|
BLAKE2b-256 | c31b7ad8d6f9b946191a36f4f3ff3d8923e7500db2e5e872e6ecdb807995ad70 |