A tool for safely archiving knot dnssec key material to azure.
Project description
knot-keystore
A tool to safely backup the knot kasp-db directory.
overview
usage: knot-keystore [-h] [--socket SOCKET] [--plugin {local,azure}]
[--config-file CONFIG_FILE] [-v]
optional arguments:
-h, --help show this help message and exit
--socket SOCKET, -s SOCKET
path to knotc control socket
--plugin {local,azure}, -p {local,azure}
select archival plugin
--config-file CONFIG_FILE, -c CONFIG_FILE
path to a configuration file
-v increase output verbosity
- tries to find the kasp-db path by reading
knotd
config over the control socket. - plugins create an xz-compressed archive and put it somewhere safe.
plugins
local
: create an encrypted copy of the archive and write it to disk along with the encryption key. Mostly useful for testing.azure
: write the archive to an Azure storage blob, first encrypting it using "client-side-encryption" with a KEK stored in Azure Key Vault.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
knot_keystore-0.1.0a2.tar.gz
(8.8 kB
view hashes)
Built Distribution
Close
Hashes for knot_keystore-0.1.0a2-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 90b3c321d4984fed95e6028909a5f53777e2ba4084dd3621ec609c7d7ec6654b |
|
MD5 | ebc23dd665eb29cdd0fb5fe8dfc2e16b |
|
BLAKE2b-256 | 87ea144c78357bbd9f153ffdcc532407fb304049175e4fb9a1b8607a591e0153 |