PreviousNextUp[Front page] [Index]

Protecting Private Keys with Passwords

Private keys can be encrypted by using the ssh-keytool command (ssh_keytool.exe on Windows). This command can be used to protect the private key of an SSH Tectia Certifier Server, for example.

To set a password, run the following commands for a private key:

ssh_keytool -o pkcs8s -s password input.prv output.prv
del input.prv
move output.prv input.prv

To change an existing password, run:

ssh_keytool -o pkcs8s -S oldpass -s newpass input.prv output.prv
del input.prv
move output.prv input.prv

To clear the password, run:

ssh_keytool -o pkcs8s -S password input.prv output.prv
del input.prv
move output.prv input.prv

If ssh-keytool is used to set a Certifier Server password on Windows, SSH Tectia Certifier cannot be started automatically after reboot. The password is prompted when SSH Tectia Certifier is started from the Start menu under Programs -> SSH Tectia Certifier -> Start -> SSH Certifier.


PreviousNextUp[Front page] [Index]