≡ Menu

What is the difference between password and passphrase under OpenSSH with DSA / RAS public key authentication?

Recently I received an interesting question from one my regular reader:

What is the basic and important difference between password and passphrase when implementing SSH with DSA/RAS public key authentication? Which one is recommended for daily usage?

The main and basic difference is that you can use multi string phrase including spaces and tabs using a passphrase under ssh. Normal /etc/shadow password is a single string password and many application will breaks with spaces and tabs while using authentication. So your account password must be a single word/string.

For example my account password can be iF33%gNCyzDy
I could create a passphrase: Th1s 1s A t3sT and s3cur3 pa$$phra$3

The advantage is simple you can use spaces and tabs to create a more secure and hard to break authentication method. This makes dictionary based attack quite difficult.

Further readings:

Passwords vs. Pass Phrases
The Great Debates: Pass Phrases vs. Passwords. Part 1 of 3

If anyone aware of more differences please add in comments section :)

Share this on:

Your support makes a big difference:
I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft, takes a lot of my time and hard work to produce. If you use nixCraft, who likes it, helps me with donations:
Become a Supporter →    Make a contribution via Paypal/Bitcoin →   

Don't Miss Any Linux and Unix Tips

Get nixCraft in your inbox. It's free:

{ 5 comments… add one }
  • ezekiel August 3, 2008, 1:53 am

    what is the passphrase

  • nixCraft August 3, 2008, 1:12 pm

    From the wikipedia:
    A passphrase is a sequence of words or other text used to control access to a computer system, program or data. A passphrase is similar to a password in usage, but is generally longer for added security. Passphrases are often used to control both access to, and operation of, cryptographic programs and systems. Passphrases are particularly applicable to systems that use the passphrase as an encryption key.

  • George January 5, 2009, 3:18 pm

    I can’t remember my passphase for my wireless…I bought a new computer for my daughter for Christmas and can’t set it up on my wireless.

    Is there anyway I can recover the passphrase?


    • ISMAIL RACHDAOUI March 14, 2014, 10:37 am

      You can reset your wireless AP

  • Kalicharan Patro May 6, 2014, 3:26 pm

    I haven’t remembered my passphes. Please support me to get it again.

Leave a Comment