Need Assistance?

In only two hours, with an average response time of 15 minutes, our expert will have your problem sorted out.

Server Trouble?

For a single, all-inclusive fee, we guarantee the continuous reliability, safety, and blazing speed of your servers.

How to Fix Ansible Error: Decryption Failed?

Ansible Error: Decryption Failed: Stuck? You can rely on us.

We find it irritating to encounter errors when attempting to execute an Ansible playbook.

We help our clients with several Ansible queries as part of our server management services.

Let’s examine how to correct this mistake today.

Ansible Error: Decryption Failed

Recently, one of our clients discovered the following error:

fatal: [server1.lab.com]: FAILED! => {“msg”: “Decryption failed (no vault secrets were found that could decrypt) on /home/skynats/ansible/encrypted_data.txt”}
fatal: [server1.lab.com]: FAILED! => {“msg”: “A vault password or secret must be specified to decrypt /home/skynats/ansible/skynats/encrypted_data.txt”}

We can encrypt files with Ansible Vault instead of displaying them in playbooks as plaintext.

We typically use it for sensitive data like passwords, SSL private keys, and so forth.

The Ansible vault by default employs the AES256 algorithm to encrypt data.

File before encryption :

$> cat encrypted_data.txt
This is an encrypted data

Utilizing Ansible Vault for encryption

$ ansible-vault encrypt encrypted_data.txt
New Vault password:
Confirm New Vault password:
Encryption successful

After Encryption :

$ > cat encrypted_data.txt
$ANSIBLE_VAULT;1.1;AES256
30613332366266623564636132643536646265316132636439326535613939333061376337666433
3831313731303866643765313962323065346565613937650a396162373436306363383934643464
32393037346666303036306365396139383832383632373235323432666638366335623163363539
3530363234656536620a356138366536643164353462613138333664363134303533326566636232
32623530373362396231613230653939393865323639633966616530346261653863

It is now secure to add it as a parameter to the ansible-playbook.

When we execute the ansible-playbook that contains a file encrypted with ansible vault, we must also provide a decryption password.

Cause of the error and solution

Let’s examine the root of the issue and how our tech support team resolves it now.

Usually, this error occurs as a result of an incorrect decryption password that we give to Ansible.

Take the playbook for the encrypted data.txt file as an example. We used Ansible Vault to encrypt the file, which we then copied to the target machine after decryption.

vault.yml :

– hosts: server1.lab.com
tasks:
– name: Copying Encrypted file to target machine and decrypting
copy:
src: encrypted_data.txt
dest: /home/decrypted_data.txt

If we attempt to run the playbook in this manner:

ansible-playbook vault.yml

This will ultimately lead to a mistake.

As a result, we must give the playbook the decryption password, either as a prompt to the terminal or as a vault file.

ansible-playbook vault.yml –ask-vault-pass ## To prompt for vault password

ansible-playbook vault.yml –vault-password-file /home/skynats/private/vault_pass.txt ## To automatically read the vault password

We have a practical method for passing the vault password. Once we give the ansible controller the right password, the error goes away.

Conclusion

In conclusion, this error can be caused by using the wrong decryption password. Today, we saw the error being fixed for our clients by our Tech Support team.

Are you looking for an answer to another query? Contact our technical support team.

Liked!! Share the post.

Get Support right now!

Start server management with our 24x7 monitoring and active support team

Can't get what you are looking for?

Available 24x7 for emergency support.