Can an ssh pass phrase added after ssh is already setup? I'm using Debian 8 stable Jessie 8.7. And how can you save it in Debian like in a keyring so you do not have to enter it everytime? Thanks to all for the answers.
Asked
Active
Viewed 417 times
2 Answers
2
SSH uses your normal user password, so it can be changed with the passwd command on the machine you're connecting to.
By default, Debian has public/private key authentication enabled, so you can use RSA keys instead of a passphrase, if you put your public key on the system you're connecting to. First, you need to create a key on your local machine:
ssh-keygen
Then, put it on the remote server. Type this command on your local machine:
cat ~/.ssh/id_rsa.pub | ssh user@remotehost "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
Then you will no longer need a password to log in.
EDIT: @EEAA brings up a good point: ed25519 is a much better cryptographic system nowadays than RSA, and it might be a good idea to start switching. You can create an ed25519 public/private key pair and copy it to your remote system like so:
ssh-keygen -t ed25519
cat ~/.ssh/id_ed25519.pub | ssh user@remotehost "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
There's an interesting read regarding ed25519 vs RSA over in the StackExchange IS community
dogoncouch
- 176
- 5
-
These days we should be recommending usage of ed25519 keys over rsa. – EEAA Apr 29 '17 at 02:38
-
@EEAA Good point. Answer updated. – dogoncouch Apr 29 '17 at 02:50
0
If your question is how to add a pass phrase to an existing ssh key that is not secured with a password?
You can change the pass phrase with ssh-keygen:
ssh-keygen -p -f ~/.ssh/private-key-file
HBruijn
- 72,524
- 21
- 127
- 192