In this post you can find a procedure that makes it possible to recover the passphrase of a private SSH key under specific circumstances, on a Linux system.
The following scenario is likely to be very common:
- You usually work on a computer running a Gnome window manager on a Linux system.
- Your daily tasks usually involve connecting to remote computers using SSH. You established the setup for this connectivity long time ago, by generating a private/public key pair. The private key was placed under the local ~/.ssh directory in your computer, and the public key was added to the ~/.ssh/authorized_keys file of the remote computers.
- Besides, to avoid having to enter the passphrase every time you connect to a remote computer, it was added to the “Gnome keyring”. The key is stored in the keyring and delivered to the clients that request it.
- All this setup was done long time ago, and now, for some reason, you need to recover the passphase, but you forgot it !
Luckily, if your case is the same as described above, there is a possibility to recover de passphrase of the private SSH key: The information stored by the Gnome keyring can be accessed with a frontend named “seahorse” (if seahorse is not installed in your system, it is very easy to install with “apt-get”, or other package management utility available in your specific Linux distro).
When seahorse is launched, it displays a window listing all the keys stored in the keyring.
Among them, you should be able to identify the private SSH key, and the entry that stores the passphase (identified as “Unlock password for SSH_KEY_NAME”):
Double-clicking on this last entry, select “Password > Show password” in the pop-up window displayed:
And that’s all! the forgotten passphrase will be printed in a legible way inside the “Password” field (and you might bump your head against the keyboard as I did, thinking “How could I have forgotten it!”).