Questions about sudo password accepted with -K argument

[johhue]

Hello Ansible experts:

Can you please let me know what is done with the password accepted with the -K argument.

Is it in memory only, in a file in /tmp ?

Is it encrypted? If so, how specifically.

Is it available anywhere on the file system for a snooper to see?

Is it deleted after the command is finished?

If the ansible playbook execution is killed halfway through via kill -9, is this password left out on the file system anywhere?

I tried running with strace and lsof and snooping around. I should not be able to find it, right?

John

[Brian Coca]

It is in memory until the playbook end, it gets passed to remote hosts under the connection (which is encrypted) when prompted for.

It should not be written to disk in any circumstance

----------

Brian Coca

[John Leo Huetter]

Thanks!

--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/MjUx_aJeats/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACVha7efQZQk3%2BmTOL_vTVnA7rzaYm3iGTqYNNKj_ZY0tWcdDw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
John Huetter