From 51ceb9de329abede6b9ecf770697a707c53c3873 Mon Sep 17 00:00:00 2001
From: anonymous <>
Date: Tue, 25 Apr 2023 21:36:03 -0400
Subject: [PATCH] create/update 'Ansible vault encrypt-decrypt.md' file

---
 Ansible vault encrypt-decrypt.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 Ansible vault encrypt-decrypt.md

diff --git a/Ansible vault encrypt-decrypt.md b/Ansible vault encrypt-decrypt.md
new file mode 100644
index 0000000..72e19c1
--- /dev/null
+++ b/Ansible vault encrypt-decrypt.md	
@@ -0,0 +1,20 @@
+# Ansible vault encrypt/decrypt
+
+## Encrypt
+Echo passwords through `ansible-vault` into a file.  Provide encryption password when prompted (can be different for each password)
+
+```shell
+printf "%s" <password1> | ansible-vault encrypt_string --stdin-name=<password-name1> > <password-file>.var.yml
+printf "%s" <password2> | ansible-vault encrypt_string --stdin-name=<password-name2> >> <password-file>.var.yml
+...
+```
+
+## Decrypt
+Retrieve a single decrytped password from password file.  Provide encryption password when prompted.
+
+```shell
+ansible localhost -e '@<password-file>.var.yml' --ask-vault-pass -m debug -a 'var=<password-name>'
+```
+
+Tags:
+  howto
\ No newline at end of file