Keys

Base Key

class paramiko_cloud.base.BaseKeyECDSA(vals: Tuple[paramiko_cloud.base.CloudSigningKey, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey])

Bases: paramiko.ecdsakey.ECDSAKey, paramiko_cloud.pki.CertificateSigningKeyMixin

Base class for all cloud-backed ECDSA keys

pubkey_string(comment=None) str

Render a string suitable for OpenSSH authorized_keys files

Parameters

comment – an optional comment, defaulting to the current date and time in ISO format

Returns

The public key string

Amazon Web Services

class paramiko_cloud.aws.keys.ECDSAKey(key_id: str, **kwargs)

Bases: paramiko_cloud.base.BaseKeyECDSA

An AWS KMS-based ECDSA key

Parameters

  • key_id – the AWS KMS key id

  • **kwargs – extra parameters passed to the Boto3 kms client, see the Boto3 documentation.

Microsoft Azure

class paramiko_cloud.azure.keys.ECDSAKey(credential: Union[azure.identity._credentials.default.DefaultAzureCredential, azure.identity._credentials.azure_powershell.AzurePowerShellCredential, azure.identity._credentials.browser.InteractiveBrowserCredential, azure.identity._credentials.chained.ChainedTokenCredential, azure.identity._credentials.environment.EnvironmentCredential, azure.identity._credentials.managed_identity.ManagedIdentityCredential, azure.identity._credentials.shared_cache.SharedTokenCacheCredential, azure.identity._credentials.azure_cli.AzureCliCredential, azure.identity._credentials.vscode.VisualStudioCodeCredential], vault_url: str, key_name: str)

Bases: paramiko_cloud.base.BaseKeyECDSA

An Azure Key Vault-backed ECDSA key

Parameters

  • credential – an Azure credential suitable for accessing the key in Key Vault

  • vault_url – the vault URL

  • key_name – the name of the key in the vault

Google Cloud Platform

class paramiko_cloud.gcp.keys.ECDSAKey(kms_client: google.cloud.kms_v1.services.key_management_service.client.KeyManagementServiceClient, key_name: str)

Bases: paramiko_cloud.base.BaseKeyECDSA

A Google Cloud Platform KMS-based ECDSA key

Parameters

  • kms_client – a KMS client that can access the selected key

  • key_name – the name of the key