connecting to a remote host with ansible-vault encrypted private key does not work


I can ssh to a remote server if I use the ansible command module

e.g.

tasks:
  - name: ssh to remote machine
    command: ssh -i key [email protected]

However, as this will be stored in GitHub, I encrypted the private ssh key with ansible-vault.
Once I rerun the same command with the vault decryption password (--ask-vault-pass) it will not connect. It's as if the encryption/decryption does not return the same ssh key. What am I doing wrong here?

Best answer

My legendary colleague found a solution if anyone else comes across the same issue.

Ansible SSH private key in source control?

You need to copy your encrypted SSH private key to another file first to decrypt it, and then you can use it, e.g.:

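- hosts: localhost
  gather_facts: false
  vars:
    source_key: key    # vault-encrypted private key
    dest_key: key2     # decrypted copy that ssh can read
  tasks:
  # copy decrypts a vault-encrypted src before writing dest (decrypt defaults to true)
  - name: Install ssh key
    copy:
      src: "{{ source_key }}"
      dest: "{{ dest_key }}"
      mode: "0600"     # ssh refuses private keys readable by other users

  # command passes the file to ssh untouched, so it must point at the decrypted copy
  - name: scp over the cert and key to remote server
    command: ssh -i {{ dest_key }} [email protected]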
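
A variant of the playbook above, as an added example that is not part of the original answer: it writes the decrypted key to a temporary file and removes it in an `always` section, so the plaintext key does not stay on disk beside the repository. The `remote_target` variable and its value are placeholders, and the `ssh` options shown are assumptions about how the connection is made.

```yaml
# Added example, not the answerer's playbook.
- hosts: localhost
  gather_facts: false
  vars:
    source_key: key                      # vault-encrypted private key kept in the repo
    remote_target: "user@host.example"   # placeholder, not a value from the page
  tasks:
    - name: Use the decrypted key, then always remove it
      block:
        - name: Create an empty temporary file for the key
          ansible.builtin.tempfile:
            state: file
            suffix: .key
          register: key_tmp

        - name: Write the decrypted key (copy decrypts vaulted src files)
          ansible.builtin.copy:
            src: "{{ source_key }}"
            dest: "{{ key_tmp.path }}"
            mode: "0600"
            decrypt: true                # the default, stated here for clarity
          no_log: true                   # keep key material out of task output

        - name: Connect with the decrypted key
          ansible.builtin.command:
            argv:
              - ssh
              - "-i"
              - "{{ key_tmp.path }}"
              - "-o"
              - BatchMode=yes            # fail instead of prompting for input
              - "{{ remote_target }}"
              - "true"                   # remote no-op that only proves the login works
          changed_when: false

      always:
        - name: Remove the plaintext key from disk
          ansible.builtin.file:
            path: "{{ key_tmp.path }}"
            state: absent
          when: key_tmp.path is defined  # skip if tempfile itself failed
```

Run it with `--ask-vault-pass` as in the question; the cleanup task runs even when the `ssh` task fails.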