Remove passphrase (password) from private RSA keyBy neokrates, written on April 7, 2010 |
 howto |
- neokrates
- Email: uwarov@yahoo.com
- Website: http://www.thinkplexx.com
- Join date: 05-31-09
- Posts: 20
(1 votes, average: 5 out of 5)
Loading ...
Best shells (or command line language) are?
- Bash (47%, 9 Votes)
- Different shell (21%, 4 Votes)
- Zsh (21%, 4 Votes)
- Csh (11%, 2 Votes)
- Power shell (5%, 1 Votes)
- Ksh (5%, 1 Votes)
- Lush (0%, 0 Votes)
- Quicksilver (0%, 0 Votes)
- IPython (0%, 0 Votes)
- Rush (0%, 0 Votes)
- Pash (0%, 0 Votes)
- Dos cl (0%, 0 Votes)
- Fish shell (0%, 0 Votes)
Total Voters: 19
Loading ...
It is there secure yet annoying, to have a password encrypted rsa key.
You want to automatically login and/or run remote commands per ssh. No interaction.
Here is how you remove the passphrase from you rsa key.
Software:
![[v]](http://www.thinkplexx.com/wp-includes/images/smilies/thinkplexx/set1/OkX16.png)
OpenSSH
Ubuntu 9.10
Should also work for:
any OpenSSH installation
- Given, your key is in id_rsa
| 1 |
Passphrase is needed?
Try some host which has your public key (id_rsa.pub)
> ssh my_user@myhost
You should get Enter passphrase for key kind of response
| 2 |
Remove passphrase
openssl rsa -in ~/.ssh/id_rsa -out ~/.ssh/id_rsa_new
and enter your old passphrase
| 3 |
Replace key
Backup and replace your private ssh key
cp ~/.ssh/id_rsa ~/.ssh/id_rsa.backup rm ~/.ssh/id_rsa cp ~/.ssh/id_rsa_new ~/.ssh/id_rsa
| 4 |
Set key permissions
chmod 400 ~/.ssh/id_rsa
| 5 |
Test it
Now, following should log your into remote system, no questions asked
> ssh my_user@myhost
![[i]](http://www.thinkplexx.com/wp-includes/images/smilies/thinkplexx/set1/InfoX16.png)
REMARKS
1. In case you used passphrase, your key was really encrypted using your phrase, so openssl rsa -in call actually removes encryption.
2. If your forget to set proper permission flags, following may occur:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0664 for '/home/myname/.ssh/id_rsa' are too open. It is recommended that your private key files are NOT accessible by others. This private key will be ignored. bad permissions: ignore key: /home/myname/.ssh/id_rsa
|
LEARN MORE (amazon bookstore)
|
|
TAGS
|
|
SOCIAL
|
|
|
INCOMING SEARCH TERMS
|
I ended up choosing a ucc ssl certificate after my third domain needed security. The break-even seemed to be at somewhere between 2 and 3 domain. SSL certs are pretty much commodity items now, so I’d recommend shopping by price. Wikipedia has a good comparison of ssl certificate providers.
Like or Dislike:
0 
1
[...] http://www.thinkplexx.com/learn/howto/security/ssl/remove-passphrase-password-from-private-rsa-key Tags: homepage, [...]
Like or Dislike:
0 
0
ssh-keygen -p -P old_passphrase -N “” -f /home/myname/.ssh/id_rs
Like or Dislike:
1 
0
This didn’t work for me . . . I’m still asked for a passphrase.
Like or Dislike:
0 
0
- Which openSSH version do you use?
- Which OS , version, and distro (if you use linux)?
BR // Neokrates
Like or Dislike:
0 
0
Worked for me!!!!!!!!!!!!!
Thank you.
Like or Dislike:
0 
0
[...] http://www.thinkplexx.com/learn/howto/security/ssl/remove-passphrase-password-from-private-rsa-key [...]
Like or Dislike:
0 
0