20 lines
657 B
Markdown
20 lines
657 B
Markdown
# Ansible vault encrypt/decrypt
|
|
|
|
## Encrypt
|
|
Echo passwords through `ansible-vault` into a file. Provide encryption password when prompted (can be different for each password)
|
|
|
|
```shell
|
|
printf "%s" <password1> | ansible-vault encrypt_string --stdin-name=<password-name1> > <password-file>.var.yml
|
|
printf "%s" <password2> | ansible-vault encrypt_string --stdin-name=<password-name2> >> <password-file>.var.yml
|
|
...
|
|
```
|
|
|
|
## Decrypt
|
|
Retrieve a single decrytped password from password file. Provide encryption password when prompted.
|
|
|
|
```shell
|
|
ansible localhost -e '@<password-file>.var.yml' --ask-vault-pass -m debug -a 'var=<password-name>'
|
|
```
|
|
|
|
Tags:
|
|
howto |