It is essential to change the passphrase of your SSH key if security is a top priority. When a client and a server securely connect to one another over the internet using SSH keys, each possesses a public key and a private key. The server retains the private key, while the client’s computer holds the public key. A passphrase, serving as a secret word or phrase, provides an additional layer of security for the private key.

You may easily change your SSH key’s passphrase in a few easy steps if you need to for any reason. In this article, I will demonstrate how to use the command-line utility ssh-keygen to modify an SSH key’s password.

Check if you have an existing SSH key

Before you change the passphrase of an SSH key, you need to make sure that you have an existing SSH key on your system. You can check if you have an SSH key by running the following command in the terminal:

ls ~/.ssh/id_*

If you have an SSH key, you should see output similar to the following:

~/.ssh/id_rsa  ~/.ssh/id_rsa.pub

If you don’t have an SSH key, you can generate one by following this tutorial on how to generate an SSH key.

Start the process of changing the passphrase

To change the passphrase of an SSH key, you need to use the ssh-keygen command-line tool. Open a terminal window and run the following command:

ssh-keygen -p

This will start the process of changing the passphrase.

Enter the filename of the key

You will be prompted to enter the filename of the key you want to change the passphrase for. If your SSH key is in the default location, you can simply press Enter to use the default filename (~/.ssh/id_rsa).

Enter file in which the key is (/home/user/.ssh/id_rsa):

Enter the old passphrase

Next, you will be prompted to enter the old passphrase for the key. If your SSH key did not previously have a passphrase, just press Enter to continue.

Enter old passphrase:

Enter the new passphrase

Enter the new passphrase you want to use for the key, and then confirm it by typing it again when prompted.


Enter new passphrase (empty for no passphrase):
Enter same passphrase again:

Save the modified key

Once you have confirmed the new passphrase, ssh-keygen will save the modified key with the new passphrase.


Your identification has been saved with the new passphrase.

That’s it! You have successfully changed the passphrase for your SSH key. You can now use the key with the new passphrase to authenticate with remote servers.

Conclusion

In this tutorial, we showed you how to change the passphrase of an SSH key using the ssh-keygen command-line tool. Remember to update the passphrase in any scripts or tools that use the key, and keep your private key secure by protecting it with a strong passphrase.

Got any queries or feedback? Feel free to drop a comment below!

Categorized in:

How-ToLinux System Administration

Tagged in:

, , , , , ,