Hi, I’ve been wrangling around this all afternoon.
First of all, is it ok to have two ansible-vault encrypted files (containing ssh private keys) with the same password and use them in one playbook? I ask because when I try to use a second one, the first one seems to stop working. My first playbook used passwords to connect to nodes and then I used an ansible-vault encrypted private key file to scp files to another remote host. This worked fine. But I need to use ssh key to connect to the nodes… when I added vars: ansible_ssh_private_key_file: /vars/current_id_rsa and current_id_rsa is ansible-vault encrypted with the same password as the first file, my scp command no longer works with the key it was using and hangs asking for password now – it seems like it is using the wrong private key from the debugging I have done…. But as I am just using the command: scp -i vars/id_rsa -o StrictHostKeyChecking=no /tmp/id_rsa [email protected]/Users/user/.ssh/instances_id_rsa<mailto:[email protected]/Users/user/.ssh/instances_id_rsa> for my command and vars/id_rsa is vault encrypted, I don’t see how that would get interfered with by setting the ansible_ssh_private_key_file. I changed back to using password to connect to nodes and then the scp command works again… So if that isn’t going to work, can I store my ssh private keys as a vars in a vars file, so I just have one encrypted vars file? I can’t seem to find any examples of doing this with mr google. Thanks Bill -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/DM6PR04MB5019E518EB179E9802CB4B07A32E0%40DM6PR04MB5019.namprd04.prod.outlook.com.
