Public and private key pair can be created and used for publickey authentication method in SSH. During the SSH key pair creation process you have the option to whether or not assign passphrase to the key.

A key without passphrase would allow passwordless login to SSH servers whereas if passphrase is assigned, you'll need to key in the passphrase during the publickey login process.

This can be changed after the fact as you can still add, edit or remove the passphrase on your existing SSH private key using ssh-keygen.

Steps to add passphrase to an SSH key

  1. Run ssh-keygen with -p option.
    $ ssh-keygen -p 
  2. Specify the location of your SSH private key.
    Enter file in which the key is (/home/user/.ssh/id_rsa):

    Default location is selected by default

  3. Comment of the private key will be displayed.
    Key has comment '[email protected]'
  4. Enter a passphrase for the key twice.
    Enter new passphrase (empty for no passphrase):
    Enter same passphrase again:
  5. Confirmation message will be displayed.
    Your identification has been saved with the new passphrase.

Steps to edit passphrase of an SSH key

  1. Run ssh-keygen with -p option .
    $ ssh-keygen -p 
  2. Specify the location of your SSH private key.
    Enter file in which the key is (/home/user/.ssh/id_rsa):

    Default location is selected by default

  3. Enter existing passphrase for the private key.
    Enter old passphrase:
  4. Comment of the private key will be displayed.
    Key has comment '[email protected]'
  5. Enter a new passphrase for the key twice.
    Enter new passphrase (empty for no passphrase):
    Enter same passphrase again:
  6. Confirmation message will be displayed.
    Your identification has been saved with the new passphrase.

Steps to remove passphrase from an SSH key

  1. Run ssh-keygen with -p option .
    $ ssh-keygen -p 
  2. Specify the location of your SSH private key.
    Enter file in which the key is (/home/user/.ssh/id_rsa):

    Default location is selected by default

  3. Enter existing passphrase for the private key.
    Enter old passphrase:
  4. Comment of the private key will be displayed.
    Key has comment '[email protected]'
  5. Press [ENTER] twice without entering any passphrase.
    Enter new passphrase (empty for no passphrase):
    Enter same passphrase again:
  6. Confirmation message will be displayed.
    Your identification has been saved with the new passphrase.
Discuss the article:

Comment anonymously. Login not required.

Share!