vault-recovery-util

command module

v0.0.0-...-1f1565b Latest Latest Go to latest Published: Jun 21, 2024 License: GPL-3.0 Imports: 34 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/czembower/vault-recovery-util

Links

Open Source Insights

README ¶

vault-recovery-util

This tool reads and decrypts data from Vault's BoltDB storage backend, given sufficient access to the auto-unseal device or a reconstructed Shamir unseal key. It can also be used to generate new recovery/unseal key shares and inspect the keyring.

Note that extremely sensitive data can be exposed through the use of this utility. It should only be used for educational or emergency applications.

Usage of vault-recovery-util:
  -genRecoveryKeyShares
        Set to true to generate new recovery key shares
  -listDbKeys
        Display the BoltDB database contents
  -printKeyring
        Display the keyring data, including the data encryption keys and root key in base64 format
  -printRecoveryKey
        Display the recovery key in base64 format
  -printSealConfig
        Display the seal configuration
  -printUnsealKey
        Display the unseal key in base64 format
  -readPath string
        BoltDB path to key that should be decrypted and returning in plain text
  -vaultConfig string
        Path to the Vault server configuration file (default "./vault.hcl")

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL