Menu
I am using ansible-vault to set password protect var/main.yml file. Now I can push my source code in source control system. After that deploys in production server. Suppose somebody manipulate the password or forgot the password. Is there any way to recover ansible-vault password or set the new password again without asking the old password?
Thanks in advance
637
You can use rekey keyword in your ansible-vault command. It allows us to reset the password of a vault.
Android or iOSIn the Vault screen, tap the Menu icon , and then tap Settings. In the Settings screen, tap Reset Password. Approve using biometric authentication. In the Reset password screen, follow the on-screen instructions and tap Save.
Storing the Password in a File Be careful with that file, and make sure that if it lives inside the project, it never gets into source control. To tell Ansible where to find this password file, include it in the command, like so: ansible-playbook site. yml --vault-password-file ~/. vault_pass.
If you need to change the password of an encrypted file, use the ansible-vault rekey command: ansible-vault rekey encrypt_me. txt.
Unless you brute force the password there is no way to recover it.
I suggest you use a password manager to store your password and share the password database within your organization. For example, you could store the password in a password service which has email or SMS reset option to recover the user account, though this might not be very good idea for high security environments.
92
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
