linux:security:keyring:secret-tool

Differences

This shows you the differences between two versions of the page.

linux:security:keyring:secret-tool [2021/11/09 00:32] – [Usage] chucklinux:security:keyring:secret-tool [2021/11/14 16:59] (current) chuck
Line 1: Line 1:
 ======secret-tool====== ======secret-tool======
-Store and retrieve passwords from the keyring. 
  
  
 ---- ----
  
-===Description=== +=====Description===== 
-<WRAP green announcement smaller> +Store and retrieve passwords from the keyring.
-==From man secret-tool== +
-Each password is stored in an item. Items are uniquely identified by a set of attribute keys and values. When +
-storing a password you must specify unique pairs of attributes names and values, and when looking up a  +
-password you provide the same attribute name and value pairs. +
-</WRAP>+
  
 ---- ----
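Review bot: Dropping the "From man secret-tool" block under Description removes the only statement on the page that items are uniquely identified by their set of attribute keys and values, and that a lookup must supply the same attribute name and value pairs used when storing. The Usage commands that follow depend on that rule, so keep at least one sentence of it next to "Store and retrieve passwords from the keyring." Also check the new "=====Description=====" heading level against the "====Searching====" style headings used further down so the outline stays consistent.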
Line 29: Line 23:
     * ''%%{attribute}%%'' = Used by the secret-tool for retrieving or deleting a given secret.     * ''%%{attribute}%%'' = Used by the secret-tool for retrieving or deleting a given secret.
     * ''%%{value}%%'' = Used by the secret-tool for retrieving or deleting a given secret.     * ''%%{value}%%'' = Used by the secret-tool for retrieving or deleting a given secret.
- 
----- 
  
   * Add an entry:<code bash>   * Add an entry:<code bash>
 secret-tool store --label='My Label' {attribute} {value} {attribute2} {value2} [...] secret-tool store --label='My Label' {attribute} {value} {attribute2} {value2} [...]
-Password: 
 </code> </code>
   * Retrieve a password:<code bash>   * Retrieve a password:<code bash>
 secret-tool lookup {attribute} {value} {attribute2} {value2} [...] secret-tool lookup {attribute} {value} {attribute2} {value2} [...]
-P4s$W0rd 
 </code> </code>
   * Show entries with similar key/values:<code bash>   * Show entries with similar key/values:<code bash>
 secret-tool search --all {attribute} {value} {attribute2} {value2} [...] secret-tool search --all {attribute} {value} {attribute2} {value2} [...]
-[/org/freedesktop/secrets/collection/TestDB/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] 
-label = test2 
-secret = P4s$W0rd 
-created = 2020-05-08 17:58:08 
-modified = 2020-05-08 21:16:04 
-schema = (null) 
-attribute.Path = /test2 
-attribute.Uuid = 04706d96b2404a2f96de02a8a76bf113 
-attribute.UserName = chuck 
-attribute.URL =  
-attribute.Notes =  
-attribute.Title = test2 
-attribute.Key1 = Value1 
-attribute.Key2 = Value2 
 </code> </code>
- 
   * Delete an entry:<code bash>   * Delete an entry:<code bash>
 secret-tool clear {attribute} {value} {attribute2} {value2} [...] secret-tool clear {attribute} {value} {attribute2} {value2} [...]
 </code> </code>
  
 +----
 ====Searching==== ====Searching====
   * Generic Formatting Example:<code bash>   * Generic Formatting Example:<code bash>
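Review bot: In the "search --all" block, the removed sample output was the only place showing that the command prints a "secret = ..." line in cleartext alongside the label and attributes. Readers who run it in a shared terminal or a logged session should know that before they do. Keep a short sample with the secret value redacted instead of deleting the output entirely. The same applies to the removed "Password:" line under "Add an entry": it was the only hint that "secret-tool store" prompts for the secret rather than taking it as an argument, so a one-line remark there would preserve that.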
Line 86: Line 62:
 </code> </code>
   * Use in docker: https://www.marian-dan.ro/blog/storing-secrets-using-secret-tool/   * Use in docker: https://www.marian-dan.ro/blog/storing-secrets-using-secret-tool/
 +
 +----
 +
 +====Use keyring for Ansible====
 +  * Create keyring entry:<code bash>
 +secret-tool store --label='Ansible Playbook' service ansible_playbook username <username>
 +</code>
 +  * Create variable in playbook:<code yaml>
 +admin_user: "username"
 +ansible_become_pass: "{{ lookup('community.general.keyring', 'ansible_playbook {{ admin_user }}') }}"
 +</code>
 +  * https://docs.ansible.com/ansible/latest/collections/community/general/keyring_lookup.html
  
 ---- ----
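Review bot: In the playbook snippet, the lookup string 'ansible_playbook {{ admin_user }}' nests moustaches inside an expression that is already within "{{ ... }}", which Ansible's documentation advises against; build the term by concatenation instead, for example lookup('community.general.keyring', 'ansible_playbook ' ~ admin_user). The store command uses the placeholder "<username>" while the playbook sets admin_user: "username", so state explicitly that both must be the same value or the lookup will not find the item. It would also help to say that the store command prompts for the password that later becomes ansible_become_pass, since the command line alone does not show where the secret comes from.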
linux/security/keyring/secret-tool.1636417977.txt.gz · Last modified: by chuck