SSH Passphrase Change


You all had been using ssh authentication keys since your RHCE Training days and even during your RHCSS Training.

We all know that ssh authentication keys can be used to login to a remote server without giving password and the authentication is based on the keys already shared or submitted to the target remote server.

You also had been told about the importance of supplying “passphrase” during ssh key generation using –

ssh-keygen -t rsa 

command (or you can use -t dsa).

Whenever you generate ssh keys using ssh-keygen command it create your keys under your ~/.ssh directory. Depending on what type of keys you have selected to generate using -t. These files will be created under your ~/,ssh

id_dsa : DSA Authentication Identity of the user : DSA Public Key for Authentication

id_rsa : RSA Authentication Identity of the user : RSA Public key for Authentication

Now the point is that, I want to change my passphrase I had supplied during the creation of authentication keys. Reasons can me many:

– I doubt the passphrase is compromised
– Passphrase is too old
– For security policies of the company


You can use use the –

ssh-keygen -f id_rsa -p (if you have used type rsa)
ssh-keygen -f id_dsa -p (if you have used type dsa)


-f takes filesname as an option
-p will generate a new passphrase instead of creating new file

Here is a snapshot of the tip shared from my machine.

Keep Learning & Loving Linux.

Changing ssh passphrase

Changing ssh passphrase