Questions tagged [passphrase]

24 questions
400
votes
3 answers

How do I change my private key passphrase?

I have an existing public/private key pair. The private key is password protected, and the encryption may be either RSA or DSA. These keys are the kind you generate with ssh-keygen and generally store under ~/.ssh. I'd like to change the private…
kch
  • 4,472
  • 3
  • 19
  • 17
157
votes
9 answers

Is it possible to generate RSA key without pass phrase?

I'm working with Apache2 and Passenger for a Rails project. I would like to create a self-signed SSL Certificate for testing purposes. sudo openssl rsa -des3 -in server.key -out server.key.new When i enter the above command, it says writing RSA…
diya
  • 1,723
  • 2
  • 13
  • 8
20
votes
4 answers

Publishing id_rsa.pub for easier setup of new environments?

To make setting up passwordless SSH easier on new machines and environments, is there any reason why the id_rsa.pub file (just the public half of the key pair) could not be published somewhere on the web? For example in a dotfiles GitHub…
DouglasDD
  • 442
  • 3
  • 11
12
votes
2 answers

Cannot decrypt private key eventhough I know passphrase

I think my problem comes down to the fact something is wrong with the key but I cannot just decrypt it, for further investigation, with out parsing it. But I am not sure. I am trying to use standard method: openssl rsa -in ./id_rsa -out…
luk32
  • 233
  • 1
  • 3
  • 7
7
votes
5 answers

scp inside sh-script with passphrase

I've got a sh-script for a backup scp /mybackupdir/* backupuser@backupserver:/backup Is there an easy way to add a passphrase to the scp? Or do I have to check if an ssh-agent is running and if not start one and add the key?
Stephan Weinhold
  • 177
  • 1
  • 1
  • 6
7
votes
2 answers

How can I use Duplicity with a symmetric key?

I am using duplicity to perform backups on my server. Right now duplicity is encrypting the backup using a GPG public-private key system. I would prefer to encrypt the backup files using just a passphrase, so I don't have to try and keep up with…
mclark1129
  • 555
  • 1
  • 11
  • 28
7
votes
2 answers

How to protect an SSL certificate (Apache/CentOS)

I currently use a server SSL certificate without a pass-phrase in order to allow Apache to start up unattended. There are signs from customers to require us to protect the SSL certificate more securely. I'm not sure yet what they are aiming for, but…
Amos Shapira
  • 839
  • 2
  • 11
  • 23
4
votes
3 answers

remove empty passphrase from ssl key using openssl

I have an openssl key file encrypted with an empty passphrase. I'm trying to remove the passphrase using this command openssl rsa -in ca.key -out ca.key.clear I then try to enter the empty passphrase when it asks for the current passphrase, but I…
Matthew Sharp
  • 200
  • 3
  • 8
4
votes
2 answers

SSH: prevent from asking for passphrase when ssh-agent auth fails

I am writing a script to cycle through a list a known hostnames so as to find a working SSH server on which I can auth with my SSH key. The key is already loaded with ssh-agent and ssh-add, so if I connect to a working remote host that knows my key,…
zopieux
  • 143
  • 3
3
votes
1 answer

How to change GELI passphrase on FreeBSD 11 Root-On-ZFS system with mirror RAID?

How to change GELI passphrase on FreeBSD 11 Root-On-ZFS system with mirror RAID? Swap devices are also mirrored and ancrypted. I have /dev/ada0p5.eli /dev/ada1p5.eli and /dev/mirror/swap.eli devices. Thank You.
Norbert
  • 31
  • 2
3
votes
1 answer

SSH - Putty Private Key and Passphrase

For giving remote access to a linux server, the administrator generated the public and private key pair probably using the Putty Key Generator and sent me the .ppk file. I loaded the .ppk file (having the private key) in Putty and can now access the…
catman
  • 41
  • 1
  • 6
3
votes
2 answers

Bash Script for SCP -- SSH Keys

I'm working as a programmer at the moment, and as a result need to constantly upload my software to remote systems for testing. I have about 7 machines which need to receive copies of everything. At the moment, I have a short bash script with a scp…
BSchlinker
  • 340
  • 2
  • 3
  • 12
2
votes
1 answer

openvpn: auth-user-pass or (and?) passphrase?

I'm setting up OpenVPN on PfSense 2.0, and now i wonder if should use the "auth-user-pass" option, set an passphrase on the openssl keys or both. Both require an extra password beside of the valid certificat, but i don't know if one method is more…
rmweiss
  • 183
  • 1
  • 6
1
vote
2 answers

Add ssh pass phrase after setup?

Can an ssh pass phrase added after ssh is already setup? I'm using Debian 8 stable Jessie 8.7. And how can you save it in Debian like in a keyring so you do not have to enter it everytime? Thanks to all for the answers.
djangoman
  • 25
  • 4
1
vote
2 answers

ssh enter passphrase one line

I want to execute a command via ssh but my server is using passphrase, I want to make one-line only without asking passphrase. ~# ssh -t root@dev5 'echo "tes" ; bash' Enter passphrase for key '/home/sed22/.ssh/id_rsa': Thanks for help.
user1070579
  • 141
  • 1
  • 2
  • 7
1
2