Technology

OpenSSH Change a Passphrase With ssh-keygen command

There is no greater hope in human life than survival. At the same time, it is important to live well. With that in mind, every content on the website is written so that a person can get all the information from here to start his life to make beautifully.

According to that, Technology is one of the topics. It is also a part of life. Read carefully Details of Technology related article

OpenSSH Change a Passphrase With ssh-keygen command

How do I change OpenSSH passphrase for one of my private keys under Linux, OpenBSD, FreeBSD, Apple macOS/OS X or Unix-like operating systems?

You need to use the ssh-keygen command to generates, change manages and converts authentication keys for ssh. You should the see following files at $HOME/.ssh or ~/.ssh director. That is /home/$USER/.ssh/. Let us see how to change a ssh passphrase with ssh-keygen command command on Linux or Unix-like systems.

Tutorial details
Difficulty level Easy
Root privileges No
Requirements ssh on Linux/macOS/Unix
Est. reading time 3 minutes

Listing OpenSSH private and public ssh keys

You can use the ls -l $HOME/.ssh/ command to see the following files:

  • id_dsa.* : DSA keys for authentication
  • id_rsa.* : RSA keys authentication identity of the user
  • id_ed25519.* : EdDSA keys authenticationr

For example:
ls -l ~/.ssh/
ls -l ~/.ssh/id_*

Listing ssh keys to change the passphrase for an SSH key

Typically private key names start with id_rsa or id_ed25519 or id_dsa, and they are protected with a passphrase. However, users can name their keys anything. In the above example, for my intel NUC, I named RSA keys as follows:

  • intel_nuc_debian – Private RSA key
  • intel_nuc_debian.pub – Public RSA key

How to change a ssh passphrase

The procedure is as follows for OpenSSH to change a passphrase:

 

Patreon supporters only guides 🤓

    • No ads and tracking

 

 

    • Join my Patreon to support independent content creators and start reading latest guides:

 

Join Patreon
  1. Open the terminal application
  2. To change the passphrase for default SSH private key:
    ssh-keygen -p
  3. You can specify the filename of the key file:
    ssh-keygen -p -f ~/.ssh/intel_nuc_debian

Let us see all examples in details.

Please note that you must know the old passphrase to set up a new one. Currently, there is no way to reset forgotten ssh passphrases. Therefore, this page is about changing the existing passphrase and not about recovering OpenSSH passphrase-protected private keys.

OpenSSH Change a Passphrase ssh-keygen command

The -p option requests changing the passphrase of a private key file instead of creating a new private key. The program will prompt for the file containing the private key, for the old passphrase, and twice for the new passphrase. Use -f {filename} option to specifies the filename of the key file. For example, change directory to $HOME/.ssh. Open the Terminal app and then type the cd command:
$ cd ~/.ssh/
To change DSA passphrase, enter:
$ ssh-keygen -f id_dsa -p
For ed25519 key:
$ ssh-keygen -f id_ed25519 -p
Let us change RSA passphrase, enter:
$ ssh-keygen -f id_rsa -p

Animated gif 01: Changing your openssh passphrase

Removing a Passphrase with ssh-keygen

The syntax is same but to remove the existing passphrase, hit Enter key twice at the steps to enter the new one and then confirm it:
ssh-keygen -f ~/.ssh/id_rsa -p
ssh-keygen -f ~/.ssh/aws_cloud_automation -p

Removing the existing ssh key passphrase by simply hitting Enter key twice instead of setting up a new one

However, you can state empty passphrase by abusing the -N option as follows to save hitting the Enter key twice:
ssh-keygen -p -N ""
ssh-keygen -f ~/.ssh/aws_cloud_automation -p -N ""

Summing up

You learned about changing or removing ssh passphrases for private keys using the ssh-keygen command. OpenSSH command comes with many options, and you can read them online in the documentation section or type the following man command:
man ssh-keygen

 


ADVERTISEMENT
 

 

Did you like this article?
Share it on any of the following social media channels below to give us your vote. Your feedback helps us improve.

Other related Technologies ideas you might enjoy

Related Articles

Leave a Reply

Your email address will not be published.