Solve ssh-keygen Problem: No Passphrase Needed

  • Thread starter Thread starter Borek
  • Start date Start date
Click For Summary
The user is attempting to add a passphrase to an existing SSH private key file for security while traveling. Initially, they encountered issues with the command `ssh-keygen -p -f id_rsa_priv.ppk`, which prompted for an old passphrase that they could not recall. It was suggested that they might have another key-pair allowing access without a passphrase. The recommended solution was to generate a new key-pair and update the authorized_keys file on remote servers. The user confirmed they were using PuTTY, which typically generates .ppk files, and noted that while `ssh-keygen` could not add a passphrase, `puttygen` successfully modified the key without issues. This highlights compatibility differences between tools used for managing SSH keys.
Borek
Mentor
Messages
29,155
Reaction score
4,605
I have a private key file used to log into remote servers. As the file resides only on a desktop computer, key file was prepared without a passphrase (or at least that's what I remember and I am never asked to enter a passphrase when I use ssh, which makes me think I remember right). However, now I am going on a trip and I want to be able to use the same key on my laptop - so to be safe I wanted to add a passphrase. Judging from the man page to change a passphrase I should use something like

ssh-keygen -p -f id_rsa_priv.ppk

but it doesn't work - that is, I am asked to enter the old passphrase, but when I just press Enter I am told it is a bad one. Any ideas what should I do? I already tried using -P "" to no avail.
 
Computer science news on Phys.org
When I first generate a key with an empty pass phrase (with just $ ssh-keygen), I can change it with:
$ ssh-keygen -p -f id_rsa
When I do, it does not ask for the old pass phrase, but just for a new one.
If I repeat it, it asks for the old pass phrase that I had just entered as new phrase.

Seems to me that you do have an old pass phrase, but apparently you do not know it any more.
Although that doesn't really explain why it usually doesn't ask for a pass phrase.
Can it perhaps be that there is another key-pair involved that allows you to log in without pass phrase?

Anyway, easiest way to resolve it, is by preparing new key-pairs, and dropping off the public keys at your remote servers in the authorized_keys file.
(Note that public key files and the authorized_keys file are just text files that you can edit.)
 
Last edited:
Try:
Code: 
# ssh-keygen -p -f id_rsa_priv.ppk -N newpasswd

Another option you could consider is generating a second ssh key for your laptop to use while traveling and then revoke it after you get back.
 
Btw, are you using PuTTY or something?
I seem to recall that it typically generates files with the .ppk extension.
Typically with PuTTY things are a little less straight forward than with native linux tools.
 
jhae2.718 said:
Try:
Code: 
# ssh-keygen -p -f id_rsa_priv.ppk -N newpasswd

Tried that as well, didn't work. Asks for a passphrase.

I like Serena said:
Btw, are you using PuTTY or something?
I seem to recall that it typically generates files with the .ppk extension.
Typically with PuTTY things are a little less straight forward than with native linux tools.

PuTTy on windows, but I am using exactly the same key file with ssh on a Linux machine.

But your question suggested a solution. ssh-keygen was not able to add a passphrase, while puttygen did it without a problem. Apparently just because a key file works OK with ssh doesn't mean it works OK with ssh-keygen.

Why do I still feel surprised by such things after programming for 30 years
grumpy_borek.png


Thank you! Case closed.
 
Thread 'ChatGPT Examples, Good and Bad'

Thread 'ChatGPT Examples, Good and Bad'

I've been experimenting with ChatGPT. Some results are good, some very very bad. I think examples can help expose the properties of this AI. Maybe you can post some of your favorite examples and tell us what they reveal about the properties of this AI. (I had problems with copy/paste of text and formatting, so I'm posting my examples as screen shots. That is a promising start. :smile: But then I provided values V=1, R1=1, R2=2, R3=3 and asked for the value of I. At first, it said...
View full post »

Similar threads

Trouble installing MySQL on Ubuntu 20.04 — asks for root password
  • · Replies 6 ·
Replies
6
Views
9K
Print from Linux CUPS to printer on Win8.1 with server side rendering [sort of solved]
  • · Replies 4 ·
Replies
4
Views
2K
Problems with a USB network adapter for a PC
  • · Replies 15 ·
Replies
15
Views
3K
What is the computer hardware needed by a physicist?
  • · Replies 18 ·
Replies
18
Views
5K
Problem with importing an address book (.csv format) to yahoo.com
  • · Replies 3 ·
Replies
3
Views
5K
Windows 10 Update - Caused Loop (Need a Computer )
  • · Replies 12 ·
Replies
12
Views
4K
Gentoo Linux PC in a Mazda: Amazing Audio & Automobile Control
  • · Replies 7 ·
Replies
7
Views
9K
Solving Unusual Mouse Behavior on Windows 7
  • · Replies 14 ·
Replies
14
Views
3K
Can Third Party Software Monitor Your Computer?
  • · Replies 3 ·
Replies
3
Views
3K
C/C++ What is the difference between cin and getline in C++?
  • · Replies 8 ·
Replies
8
Views
4K