OpenSSH Change a Passphrase With ssh-keygen command

February 4, 2008October 7, 2013in Linux, Openbsd, UNIX last updated October 7, 2013

How do I change OpenSSH passphrase for one of my private keys under Linux, OpenBSD, FreeBSD, Apple OS X or Unix like operating systems?

You need to use the ssh-keygen command to generates, change manages and converts authentication keys for ssh. You should the see following files at $HOME/.ssh or ~/.ssh directory i.e. /home/you/.ssh/. You can use the ls -l $HOME/.ssh/ command to see the following files:

=> id_dsa : DSA authentication identity of the user

=> id_dsa.pub : DSA public key for authentication

=> id_rsa : RSA authentication identity of the user

=> id_rsa.pub : RSA public key for authentication

Changing a Passphrase with ssh-keygen

The -p option requests changing the passphrase of a private key file instead of creating a new private key. The program will prompt for the file containing the private key, for the old passphrase, and twice for the new passphrase. Use -f {filename} option to specifies the filename of the key file. For example, change directory to $HOME/.ssh. Open the Terminal app and then type:
$ cd ~/.ssh/

To change DSA passphrase, enter:
$ ssh-keygen -f id_dsa -p

To change RSA passphrase, enter:
$ ssh-keygen -f id_rsa -p
Sample outputs:

Animated gif 01: Changing your openssh passphrase

References

See ssh-keygen(1) man page for information on command line options.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

14 comment

Stu says:
February 4, 2008 at 8:07 pm
If something relies on the private key will it still work the same way? I mean a SSL certificate for example…
Reply Report comment
JOsh Beauregard says:
October 16, 2009 at 2:54 pm
thanx for the quick mem check
Reply Report comment
Pierre Dej says:
July 19, 2010 at 9:20 am
Thanks for this!
Reply Report comment
bambini vestiti says:
April 2, 2011 at 10:42 am
Thank applause and encouragement, for the valid reason that he offers me better power and courage!
Reply Report comment
rebecca says:
September 21, 2012 at 12:48 am
change password key to best family ever
Reply Report comment
Richard says:
November 7, 2013 at 5:35 pm
for newbie like me, I had to also add ‘ssh-add id-rsa’ to make it work. Very helpful tutorial
Reply Report comment
Sumanth says:
November 8, 2013 at 10:58 am
Thank you very much, its indeed a very helpful article
Reply Report comment
Murphy Randle says:
April 23, 2014 at 2:51 am
This is just what I needed. Thanks! And the animated gif demonstration was extra helpful. :)
Reply Report comment
Giovanni Grimone says:
July 24, 2015 at 4:10 pm
Heya,
Thanks for sharing this useful information. It worked like a charm!
Just another thing, what tool did you use to capture the screen input to an animated GIF, please?
Thanks again,
Giovanni
Reply Report comment
Lucas Pereira Caixeta says:
August 26, 2016 at 10:01 am
Simple, objective and clean explanation.
Thank you so much!
Reply Report comment
A says:
October 26, 2016 at 1:51 pm
Let’s say I want to give my SSH key used to access some servers to some else (e.g. because I’m not maintaining these servers anymore).
I can change the password as explained above and give “id_rsa” and “id_rsa.pub” to this person and he’ll be able to SSH on these servers without changing anything on the servers, right?
Reply Report comment
1. R says:
  November 1, 2016 at 9:29 am
  Yes, you can do that. Note there is no passphrase on the pub key.
  Reply Report comment
kazi shahin says:
November 29, 2016 at 1:09 pm
Forgot my Passphrase, how to set a new Passphrase ?
Reply Report comment
Amit says:
January 10, 2017 at 10:30 am
Thank you, it was very helpful.
Reply Report comment

nixCraft