https://www.puppet.com/community logo
Join Slack
Powered by
This message was deleted.
# bolt
s
This message was deleted.
y
j
Yeah. I read thought and I am pretty sure I am following the instructions to the letter. I am getting precisely the same issue per this issue: https://github.com/puppetlabs/bolt/issues/1451 But my version of bolt is current.
y
Could you maybe then share some minimal reproducer here (via gist or pastebin better)
šŸ˜„ 1
j
Thanks for the prompt reply!! I realize I was taking the instructions too literally. My issue was that I was expecting the cli to be able to somehow fantastically read and understand my bolt inventory.yaml. The decrypt task needs to be passed the actual encrypted PKCS7 string. Which is obvious if you actually read. Thanks Yury.
šŸ‘šŸ» 1
y
Ah, good to know itā€™s resolved!
j
Sadly itā€™s now returning BAD_PASSWORD and I know the password is right!!
šŸ¤” 1
When I pass <encrypted value> to bolt secret decrypt it works. And when I use that password manually in sudo it works. And then I use that password as the sudo-pasword keys value it works.
y
Iā€™d try to put it under targetā€™s vars in the inventory and check bolt inventory show ā€”details
Though it might show the password as well maybe
j
Thanks for the pointer. I will try that!
Yeah. So that shows the value correctly. I noticed my <encrypted value> was prefixed with ā€œENC[PKCS8]ā€ and not ā€œENC[PKCS7]ā€ I changed that and it decrypts the pasword correctly with bolt inventory show -details butā€¦ still BAD_PASSWORD when bolt tries to use it.
y
Can you login manually with the username and password? Iā€™d check with native-ssh as well.. maybe ruby net-ssh does something unexpected
Open in Slack
PreviousNext
Powered by