unix - 如何在不创建新密钥的情况下删除SSH密钥的密码？(How do I remove the passphrase for the SSH key without having to create a new key?)

Question

I set a passphrase when creating a new SSH key on my laptop.

(我在笔记本电脑上创建新的SSH密钥时设置了密码。)

But, as I realise now, this is quite painful when you are trying to commit ( Git and SVN ) to a remote location over SSH many times in an hour.

(但是，正如我现在意识到的那样，当您尝试在一小时内通过SSH多次提交（ Git和SVN ）远程位置时，这非常痛苦。)

One way I can think of is, delete my SSH keys and create new.

(我能想到的一种方法是删除我的SSH密钥并创建新密钥。)

Is there a way to remove the passphrase, while still keeping the same keys?

(有没有办法删除密码，同时仍然保持相同的密钥？)

  ask by community wiki translate from so

Answer 1

Short answer:

(简短回答：)

$ ssh-keygen -p

This will then prompt you to enter the keyfile location, the old passphrase, and the new passphrase (which can be left blank to have no passphrase).

(然后，这将提示您输入密钥文件位置，旧密码短语和新密码短语（可以留空以使其没有密码短语）。)

If you would like to do it all on one line without prompts do:

(如果你想在没有提示的情况下在一行上完成所有操作：)

$ ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]

Important: Beware that when executing commands they will typically be logged in your ~/.bash_history file (or similar) in plain text including all arguments provided (ie the passphrases in this case).

(重要提示：请注意，在执行命令时，它们通常会以纯文本形式记录在~/.bash_history文件（或类似文件）中，包括提供的所有参数（即本例中的密码）。)

It is therefore is recommended that you use the first option unless you have a specific reason to do otherwise.

(因此，除非您有特殊原因，否则建议您使用第一个选项。)

Notice though that you can still use -f keyfile without having to specify -P nor -N , and that the keyfile defaults to ~/.ssh/id_rsa , so in many cases it's not even needed.

(请注意，您仍然可以使用-f keyfile而不必指定-P和-N ，并且密钥文件默认为~/.ssh/id_rsa ，因此在许多情况下甚至不需要它。)

You might want to consider using ssh-agent, which can cache the passphrase for a time.

(您可能需要考虑使用ssh-agent，它可以缓存密码短语一段时间。)

The latest versions of gpg-agent also support the protocol that is used by ssh-agent.

(最新版本的gpg-agent也支持ssh-agent使用的协议。)