If modifying vault to include GPG, the sudo password could be set with ansible_sudo_pass and then encoded with vault.
On Tue, Apr 15, 2014 at 12:17 PM, Till Maas <[email protected]> wrote: > On Mon, Apr 07, 2014 at 11:29:57PM -0700, anatoly techtonik wrote: > > > Is it technically possible to encrypt some sensitive data using available > > SSH public key, so that only the owner of private key could read them > with > > the help of SSH agent? > > It is super easy to do this with GPG, but afaik impossible to use this > for e.g. the sudo password: > > http://paste.fedoraproject.org/94407/78404139 > > It might not be be error free due to ansible's bad encoding behaviour > and I stopped using it once I found out I cannot use it for sudo > passwords. > > Regards > Till > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/20140415161752.GD27129%40genius.invalid > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwbf%2Bis1cB8frBm1oRWdS0LvhYFdxMrBwv2z%2BunkiK9RQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
