I had a not protected by passphrase ssh key which I use to connect with a server. Now I want to add a passphrase to the key, so I've done:
ssh-keygen -p
and added a new passphrase:
Enter file in which the key is (/home/user/.ssh/id_rsa):
Enter old passphrase:
Key has comment '/home/user/.ssh/id_rsa'
Enter new passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved with the new passphrase.
Then, I try to connect again to the server:
ssh user@server.com -v
but I'm still logged without entering the passphrase:
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/user/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to server.com ([xxx.xx.xxx.xx]:22).
Why I'm not asked for the passphrase?
Edit:
Seahorse was storing the keys for me, so this was the issue.
Best Answer
ssh-agent
is storing encrypted key in memory so change to the physical key on disk does not affect its functionality.If you want make sure the change is effective, remove the key from agent and add it once more as noted in comments (
ssh-add -D
to remove andssh-add
to add the key again from default location).