When I execute these commands (setting a passphrase, after the first)...
$ ssh-keygen -t dsa $ chmod 600 my_key $ chmod 600 my_key.pub
...and then, to test the passphrase...
$ ssh-add my_key.pub
...I keep getting:
Bad passphrase, try again for my_key.pub: Bad passphrase, try again for my_key.pub: Bad passphrase, try again for my_key.pub: Bad passphrase, try again for my_key.pub: ...
What am I doing wrong?
This is on Ubuntu.
Using passphrases increases the security when you are using SSH keys. Using a key without a passphrase can be risky. If someone obtains a key (from a backup tape, or a one-time vulnerability) that doesn't include a passphrase, the remote account can be compromised.
If you lose your SSH key passphrase, there's no way to recover it. You'll need to generate a brand new SSH keypair or switch to HTTPS cloning so you can use your GitHub password instead. If you lose your SSH key passphrase, there's no way to recover it.
Adding or replacing a passphrase for an existing key To change your passphrase, you can simply run the ssh-keygen -p command. Specify the location of your current key, and input any old or new passphrases. There is no need to regenerate keys.
The passphrase is used to lock access to the private SSH key. The reason you use keys is to have something more secure than passwords, but a private keyfile without protection will grant access to all your systems to anyone who accesses your computer.
If you've lost your SSH key passphrase, depending on the operating system you use, you may either recover it or you may need to generate a new SSH key passphrase. If you configured your SSH passphrase with the macOS keychain, you may be able to recover it. In Keychain Access, search for SSH.
The key derivation is done using a hash function. Passphrases are commonly used for keys belonging to interactive users. Their use is strongly recommended to reduce risk of keys accidentally leaking from, e.g., backups or decommissioned disk drives. In practice, however, most SSH keys are without a passphrase.
Provide a passphrase, for example “password”, when creating the key pairs. # ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa.
You're trying to add public key to the agent, that one isn't pass-protected, the private one is. Try adding your private key and it should work.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With