What is the difference between password and passphrase under OpenSSH with DSA / RAS public key authentication?
Recently I received an interesting question from one my regular reader:
What is the basic and important difference between password and passphrase when implementing SSH with DSA/RAS public key authentication? Which one is recommended for daily usage?
The main and basic difference is that you can use multi string phrase including spaces and tabs using a passphrase under ssh. Normal /etc/shadow password is a single string password and many application will breaks with spaces and tabs while using authentication. So your account password must be a single word/string.
For example my account password can be iF33%gNCyzDy
I could create a passphrase: Th1s 1s A t3sT and s3cur3 pa$$phra$3
The advantage is simple you can use spaces and tabs to create a more secure and hard to break authentication method. This makes dictionary based attack quite difficult.
Further readings:
Passwords vs. Pass Phrases
The Great Debates: Pass Phrases vs. Passwords. Part 1 of 3
If anyone aware of more differences please add in comments section ![]()
Want to stay up to date with the latest Linux tips, news and announcements? Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
You may also be interested in other helpful articles:
- Linux: How to Encrypt and decrypt files with a password
- Happy 8th Birthday, OpenSSH!
- Linux or UNIX password protect files
- Download of the Day: OpenSSH Server 5.0 ( security fix release )
- Secure communication with Kerberized OpenSSH on AIX using Windows Kerberos service
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!


Recent Comments
Yesterday ~ 4 Comments
Yesterday ~ 12 Comments
Yesterday ~ 6 Comments
Yesterday ~ 21 Comments
Yesterday ~ 1 Comment