Remove passphrase (password) from private RSA key

By neokrates, written on April 7, 2010


Rate it
  • 1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5 out of 5)
    Loading ... Loading ...
  • Best shells (or command line language) are?

    • Bash (47%, 9 Votes)
    • Different shell (21%, 4 Votes)
    • Zsh (21%, 4 Votes)
    • Csh (11%, 2 Votes)
    • Power shell (5%, 1 Votes)
    • Ksh (5%, 1 Votes)
    • Lush (0%, 0 Votes)
    • Quicksilver (0%, 0 Votes)
    • IPython (0%, 0 Votes)
    • Rush (0%, 0 Votes)
    • Pash (0%, 0 Votes)
    • Dos cl (0%, 0 Votes)
    • Fish shell (0%, 0 Votes)

    Total Voters: 19


    Loading ... Loading ...
  • bodytext bodytext bodytext
Most popular search terms:

It is there secure yet annoying, to have a password encrypted rsa key.
You want to automatically login and/or run remote commands per ssh. No interaction.
Here is how you remove the passphrase from you rsa key.


[v] OpenSSH
[v] Ubuntu 9.10

Should also work for:

[v] any OpenSSH installation

Given, your key is in id_rsa


Passphrase is needed?

Try some host which has your public key (

> ssh my_user@myhost

You should get Enter passphrase for key kind of response


Remove passphrase

openssl rsa -in ~/.ssh/id_rsa -out ~/.ssh/id_rsa_new

and enter your old passphrase


Replace key

Backup and replace your private ssh key

cp ~/.ssh/id_rsa ~/.ssh/id_rsa.backup
rm ~/.ssh/id_rsa
cp ~/.ssh/id_rsa_new ~/.ssh/id_rsa


Set key permissions

chmod 400 ~/.ssh/id_rsa


Test it

Now, following should log your into remote system, no questions asked

> ssh my_user@myhost

1. In case you used passphrase, your key was really encrypted using your phrase, so openssl rsa -in call actually removes encryption.

2. If your forget to set proper permission flags, following may occur:

Permissions 0664 for '/home/myname/.ssh/id_rsa' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /home/myname/.ssh/id_rsa
Does that help to solve your problem?
VN:F [1.8.5_1061]
Rating: +33 (from 41 votes)
37 votes 'YES'  4 votes 'NO'

LEARN MORE (amazon bookstore)


    nope :(

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • bodytext
  • Sphinn
  • Facebook
  • Mixx
  • Google
  • BlinkList
  • Blogosphere News
  • E-mail this story to a friend!
  • Furl
  • LinkArena
  • Live
  • MisterWong
  • Print this article!
  • StumbleUpon
  • Technorati
  • YahooMyWeb


11 Responses to “Remove passphrase (password) from private RSA key”

  1. I ended up choosing a ucc ssl certificate after my third domain needed security. The break-even seemed to be at somewhere between 2 and 3 domain. SSL certs are pretty much commodity items now, so I’d recommend shopping by price. Wikipedia has a good comparison of ssl certificate providers.

    Like or Dislike: Thumb up 0 Thumb down 1

  2. duze says:

    ssh-keygen -p -P old_passphrase -N “” -f /home/myname/.ssh/id_rs

    Like or Dislike: Thumb up 1 Thumb down 0

  3. eggmatters says:

    This didn’t work for me . . . I’m still asked for a passphrase.

    Like or Dislike: Thumb up 0 Thumb down 0

  4. Geminy says:

    Worked for me!!!!!!!!!!!!!
    Thank you.

    Like or Dislike: Thumb up 0 Thumb down 0

  5. Jean says:

    Worked! Thank you.

    Like or Dislike: Thumb up 0 Thumb down 0

  6. Daniel says:

    Thank you!

    Like or Dislike: Thumb up 0 Thumb down 0

Leave a Reply