Is your version of ansible / ansible-vault support on Ubuntu 18.04? Walter -- Walter Rowe, Division Chief Infrastructure Services, OISM Mobile: 202.355.4123
On Oct 3, 2022, at 4:41 AM, [email protected]<http://gmail.com> <[email protected]<mailto:[email protected]>> wrote: Hmm, it seems it's not an ansible issue, when i decrypt the key and try it works. Then encrypting the key, it still works. After few minutes, it stop working... >From ansible on ubuntu 18.04 (python 3.6) to target 20.04 #: ansible --version [DEPRECATION WARNING]: Ansible will require Python 3.8 or newer on the controller starting with Ansible 2.12. Current version: 3.6.9 (default, Jun 29 2022, 11:45:57) [GCC 8.4.0]. This feature will be removed from ansible-core in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. /home/user/.local/lib/python3.6/site-packages/ansible/parsing/vault/__init__.py:44: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography and will be removed in a future release. from cryptography.exceptions import InvalidSignature ansible [core 2.11.12] config file = /home/user/projects/ansible/ansible.cfg configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /home/user/.local/lib/python3.6/site-packages/ansible ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections executable location = /home/user/.local/bin/ansible python version = 3.6.9 (default, Jun 29 2022, 11:45:57) [GCC 8.4.0] jinja version = 3.0.3 libyaml = True On Sunday, October 2, 2022 at 11:02:50 PM UTC+3 [email protected]<http://linder.org/> wrote: Can you provide a minimal Ansible playbook with a vaulted variable file to see if we can recreate it or see anything amiss? The error message you're showing states "root @ SOME_IP: Permission denied (publickey,password)" which doesn't seem to be ansible-vault related. On Sunday, October 2, 2022 at 6:15:34 AM UTC-5 [email protected] wrote: I'm using in inventory/group_vars/all.yaml: .... ansible_ssh_private_key_file: '{{inventory_dir}}/group_vars/path/to/key' This Key is working well when it's plain text When I encrypt the file with ansible-vault, i get the error: Load key "/home/user/projects/ansible/inventory/group_vars/path/to/key": invalid format root @ SOME_IP: Permission denied (publickey,password). unreachable: true I am using $ANSIBLE_VAULT_PASSWORD_FILE to decrypt everything without asking for password. I have other encrypted secrets in all.yaml that get decrypted. What am I missing ? Thanks! -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/533f9f4b-bde3-4347-9087-0f5cf4503c09n%40googlegroups.com<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fd%2Fmsgid%2Fansible-project%2F533f9f4b-bde3-4347-9087-0f5cf4503c09n%2540googlegroups.com%3Futm_medium%3Demail%26utm_source%3Dfooter&data=05%7C01%7Cwalter.rowe%40nist.gov%7C6fd21770b28a4afb6ac808daa51b3a33%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C638003833613674200%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=%2FNACV5IaSUyilVmKzka9ecSZkoo6trp5QhzI4Gy8dn0%3D&reserved=0>. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/6D4970E3-065D-4D5C-96E1-63DAFDB7746E%40nist.gov.
