When I run commands on my ansible 2.9 version on red hat 7 distro –
$ ansible-vault encrypt_string 'l3@TH!hFymu4b91!x[W!u[EL' New Vault password: [ERROR]: User interrupted execution $ ansible-vault encrypt_string '-w2kBT>ur=X{U`!43o&m' usage: ansible-vault [-h] [--version] [-v] {create,decrypt,edit,view,encrypt,encrypt_string,rekey} ... ansible-vault: error: unrecognized arguments: -w2kBT>ur=X{U`!43o&m
The first command succeeds while second one fails. Is it related to special characters. My program automatically generates passwords, so just one time escape won’t help!
NB: The BaSh shell also would throw some errors, if you try to pass that string with a tilde using double quotes. But for single quotes, it won’t complain.
Advertisement
Answer
The second command fails because the argument to encrypt_string
looks like a command line option (because it starts with hyphen -
). As with many command line tools, you can tell ansible-vault
to stop looking for option arguments using the --
marker, like this:
ansible-vault encrypt_string -- '-w2kBT>ur=X{U`!43o&m'
The entire process looks like this:
$ ansible-vault encrypt_string -- '-w2kBT>ur=X{U`!43o&m' New Vault password: Confirm New Vault password: !vault | $ANSIBLE_VAULT;1.1;AES256 38376339313764343364653131333536613738373863643230633761346331663837643664623237 6138386635363661663562386430323061323831326534660a613837383263626336656332373464 32306333303262653733626233383532373133663335343865373834653764313032333133663432 6538306566373566610a353936663134326335373934643638333836643262363563333865366165 63653736653733356261616431646538623736323139656531643137643234363237 Encryption successful