Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

Ssh-keygen problem

  1. Jul 14, 2012 #1

    Borek

    User Avatar

    Staff: Mentor

    I have a private key file used to log into remote servers. As the file resides only on a desktop computer, key file was prepared without a passphrase (or at least that's what I remember and I am never asked to enter a passphrase when I use ssh, which makes me think I remember right). However, now I am going on a trip and I want to be able to use the same key on my laptop - so to be safe I wanted to add a passphrase. Judging from the man page to change a passphrase I should use something like

    ssh-keygen -p -f id_rsa_priv.ppk

    but it doesn't work - that is, I am asked to enter the old passphrase, but when I just press Enter I am told it is a bad one. Any ideas what should I do? I already tried using -P "" to no avail.
     
  2. jcsd
  3. Jul 14, 2012 #2

    I like Serena

    User Avatar
    Homework Helper

    When I first generate a key with an empty pass phrase (with just $ ssh-keygen), I can change it with:
    $ ssh-keygen -p -f id_rsa
    When I do, it does not ask for the old pass phrase, but just for a new one.
    If I repeat it, it asks for the old pass phrase that I had just entered as new phrase.

    Seems to me that you do have an old pass phrase, but apparently you do not know it any more.
    Although that doesn't really explain why it usually doesn't ask for a pass phrase.
    Can it perhaps be that there is another key-pair involved that allows you to log in without pass phrase?

    Anyway, easiest way to resolve it, is by preparing new key-pairs, and dropping off the public keys at your remote servers in the authorized_keys file.
    (Note that public key files and the authorized_keys file are just text files that you can edit.)
     
    Last edited: Jul 14, 2012
  4. Jul 14, 2012 #3

    jhae2.718

    User Avatar
    Gold Member

    Try:
    Code (Text):

    # ssh-keygen -p -f id_rsa_priv.ppk -N newpasswd
     
    Another option you could consider is generating a second ssh key for your laptop to use while travelling and then revoke it after you get back.
     
  5. Jul 14, 2012 #4

    I like Serena

    User Avatar
    Homework Helper

    Btw, are you using PuTTY or something?
    I seem to recall that it typically generates files with the .ppk extension.
    Typically with PuTTY things are a little less straight forward than with native linux tools.
     
  6. Jul 14, 2012 #5

    Borek

    User Avatar

    Staff: Mentor

    Tried that as well, didn't work. Asks for a passphrase.

    PuTTy on windows, but I am using exactly the same key file with ssh on a Linux machine.

    But your question suggested a solution. ssh-keygen was not able to add a passphrase, while puttygen did it without a problem. Apparently just because a key file works OK with ssh doesn't mean it works OK with ssh-keygen.

    Why do I still feel surprised by such things after programming for 30 years grumpy_borek.png

    Thank you! Case closed.
     
Know someone interested in this topic? Share this thread via Reddit, Google+, Twitter, or Facebook




Similar Discussions: Ssh-keygen problem
  1. Need ssh help (Replies: 2)

  2. Ssh frustrations (Replies: 4)

Loading...