Arguments for/against using vault password files
23 views
Skip to first unread message
Andrew Feller
Feb 16, 2017, 8:01:40 AM2/16/17
to Ansible Project
Hi everyone,
I would appreciate hearing peoples' various arguments for/against using vault password files versus manually entering passwords.
I've been manually entering in vault passwords as I didn't want to leave keys on my laptop in case stolen / compromised. I've seen posts about configuring git to decrypt vault files for diffing purposes using vault password files for ease. After my knee-jerk wtf, I started thinking about it in terms of using SSH identity and authorized key for traversing hosts within your network easily.
Thank you for your thoughts and insights,
Andy
I would appreciate hearing peoples' various arguments for/against using vault password files versus manually entering passwords.
I've been manually entering in vault passwords as I didn't want to leave keys on my laptop in case stolen / compromised. I've seen posts about configuring git to decrypt vault files for diffing purposes using vault password files for ease. After my knee-jerk wtf, I started thinking about it in terms of using SSH identity and authorized key for traversing hosts within your network easily.
Thank you for your thoughts and insights,
Andy
Nehal J Wani
Feb 16, 2017, 9:02:43 AM2/16/17
to ansible...@googlegroups.com
Another option, IMO is to use GPG https://github.com/ansible/ansible/pull/7174
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f832238f-5e77-4565-a42b-3c14cc7978d6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Nehal J Wani
Reply all
Reply to author
Forward
0 new messages