It seems that as this file is frequently world readable, and probably should be for completeness of knowing what settings are, that putting a password in this file is not a good idea.
Also, there's an ansible-vault view to easily see file contents that does open a pager these days. That might only be on the devel-branch as I don't really remember. On Tue, Sep 16, 2014 at 5:41 AM, Jason Harris <[email protected]> wrote: > Hi All, > > It would be handy to be able to specify a default vault-password-file in > the ansible configuration file. That way when we are operating within the > ansible role we can easily encrypt, edit, and decrypt files without having > to always add: > > --vault-password-file ~/.vault_pass.txt > > We can of course create a bash alias for this but it doesn't vary when we > are in different ansible projects... > > Also, it would be nice to have a ansible-vault cat | more | less etc to > easily look at the file contents. > > And in fact it might be nice to be able to have several passwords in > vault_pass, which are tried in succession. Ie we might have vault_pass.txt > be: > > general_pass : aYLNOrPGA9qEYDxs > aws_deploy_keys: BbqxyxGBqjSC3kVt > super_secrete_key: KeqZqnXvCHQJ7hDx > > That way we could handle out say the general_pass to some people working > on general things, and say give out the aws deploy keys to a smaller set of > people, and finally only a few people would know the super_secret_keys. > > Thanks, > Jason > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/888da30c-5c70-4eb5-8069-3a307f6dec30%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/888da30c-5c70-4eb5-8069-3a307f6dec30%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyBKsok%3D46My%2Bg9Yoct6zWo7g%2B58TiWFMziiXZv7zqfsw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
