https://bgstack15.ddns.net/blog/enContents © 2022 <a href="mailto:bgstack15@gmail.com">bgstack15</a> <a rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/"> <img alt="Creative Commons License BY-SA" style="border-width:0; margin-bottom:12px;" src="https://bgstack15.ddns.net/.images/l_by-sa_4.0_88x31.png"></a>Sun, 27 Feb 2022 04:05:20 GMTNikola (getnikola.com)http://blogs.law.harvard.edu/tech/rsshttps://bgstack15.ddns.net/blog/posts/2018/09/22/verify-ansible-vault-password/bgstack15<pre class="code literal-block"><span></span><code># prepare vault password file printf 'Vault password: ' ; read -se VAULT_PASS ; printf '\n' ; echo "<span class="cp">${</span><span class="n">VAULT_PASS</span><span class="cp">}</span>" &gt; "<span class="cp">${</span><span class="n">PWFILE</span><span class="cp">}</span>" # fail out if password is incorrect ! ansible-vault view --vault-password-file "<span class="cp">${</span><span class="n">PWFILE</span><span class="cp">}</span>" "<span class="cp">${</span><span class="n">VAULTFILE</span><span class="cp">}</span>" 1&gt;/dev/null <span class="err">&amp;&amp;</span> exit 1 </code></pre> <p>You can use shell to read in the password and save it to a file. Just remember to clean it up at the end! I like to do this right before a shell loop that calls ansible with vaulted values multiple times, so I'm not prompted multiple times to enter the password.</p>ansiblepasswordshellvaulthttps://bgstack15.ddns.net/blog/posts/2018/09/22/verify-ansible-vault-password/Sat, 22 Sep 2018 12:35:37 GMT