![]() ![]() ![]() |
Protecting Private Keys with Passwords
Private keys can be encrypted by using the
command (ssh-keytool
ssh_keytool.exe
on Windows). This command can be used to protect the private key of an SSH Tectia Certifier Server, for example.
To set a password, run the following commands for a private key:
ssh_keytool -o pkcs8s -s password input.prv output.prv del input.prv move output.prv input.prv
To change an existing password, run:
ssh_keytool -o pkcs8s -S oldpass -s newpass input.prv output.prv del input.prv move output.prv input.prv
To clear the password, run:
ssh_keytool -o pkcs8s -S password input.prv output.prv del input.prv move output.prv input.prv
If ssh-keytool
is used to set a Certifier Server password on Windows, SSH Tectia Certifier cannot be started automatically after reboot. The password is prompted when SSH Tectia Certifier is started from the Start menu under Programs -> SSH Tectia Certifier -> Start -> SSH Certifier.


