Use encyrpted pwd in ansible inventory file
148 views
Skip to first unread message
saravanan jothilingam
Oct 20, 2022, 4:24:08 AM10/20/22
to ansible...@googlegroups.com
Hi.
I am novice to this ansible and trying out a few basic use cases to apply patches on remote linux servers. We are using a host based authentication approach to connect to remote servers and execute ansible playbooks there.
If we want to encrypt the password and use that encrypted password inside the inventory file, please suggest an efficient method to do that.
Cmd that i use- sudo ansible-playbook ping_host_test.yml -e "host=remoteserver" -k
<enter host pwd>
cat ping_host_test.yml
- hosts: '{{ host }}'
gather_facts: true
become: true
tasks:
- name: Pinging Host {{ host }}
action: ping
- name: "Print os info"
debug:
msg: |
The os is {{ ansible_distribution }}
The env is {{ inventory_hostname }}
- hosts: '{{ host }}'
gather_facts: true
become: true
tasks:
- name: Pinging Host {{ host }}
action: ping
- name: "Print os info"
debug:
msg: |
The os is {{ ansible_distribution }}
The env is {{ inventory_hostname }}
Thanks!
Brian Coca
Oct 20, 2022, 11:59:51 AM10/20/22
to ansible...@googlegroups.com
Use 'inline vaults'
https://docs.ansible.com/ansible/latest/user_guide/vault.html#encrypting-individual-variables-with-ansible-vault
so you can have
...
all:
hosts:
hostname:
# per host
ansible_password: !vault |
$ANSIBLE_VAULT;1.2;AES256;dev
30613233633461343837653833666333643061636561303338373661313838333565653635353162
3263363434623733343538653462613064333634333464660a663633623939393439316636633863
61636237636537333938306331383339353265363239643939666639386530626330633337633833
6664656334373166630a363736393262666465663432613932613036303963343263623137386239
6330
vars:
# per group
ansible_password: ...
--
----------
Brian Coca
https://docs.ansible.com/ansible/latest/user_guide/vault.html#encrypting-individual-variables-with-ansible-vault
so you can have
...
all:
hosts:
hostname:
# per host
ansible_password: !vault |
$ANSIBLE_VAULT;1.2;AES256;dev
30613233633461343837653833666333643061636561303338373661313838333565653635353162
3263363434623733343538653462613064333634333464660a663633623939393439316636633863
61636237636537333938306331383339353265363239643939666639386530626330633337633833
6664656334373166630a363736393262666465663432613932613036303963343263623137386239
6330
vars:
# per group
ansible_password: ...
--
----------
Brian Coca
saravanan jothilingam
Oct 23, 2022, 2:21:13 AM10/23/22
to ansible...@googlegroups.com
Hi,
Thanks for your information.
Could you please share some examples where a user is able to encrypt the password using ansible vault and use that encrypted password in the ansible playbook's host variable section. Appreciate your help on this.
Thanks
Saravanan
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACVha7frbPsXJU%2BVkaarTGA6_Drs3safQWX5_jFQMEwbyJFR2A%40mail.gmail.com.
Brian Coca
Oct 24, 2022, 1:27:55 PM10/24/22
to ansible...@googlegroups.com
On Sun, Oct 23, 2022 at 2:21 AM saravanan jothilingam
<saravan....@gmail.com> wrote:
>
> Hi,
> Thanks for your information.
> Could you please share some examples where a user is able to encrypt the password using ansible vault and use that encrypted password in the ansible playbook's host variable section. Appreciate your help on this.
see my previous email? it has example of use, as for example of
<saravan....@gmail.com> wrote:
>
> Hi,
> Thanks for your information.
> Could you please share some examples where a user is able to encrypt the password using ansible vault and use that encrypted password in the ansible playbook's host variable section. Appreciate your help on this.
creating the vault, I linked to the documentation
--
----------
Brian Coca
Reply all
Reply to author
Forward
0 new messages