0

I've installed a new Ubuntu from scratch on my new machine and want to have access to the remote host using ssh. The problem is that even if I have both public and private keys, I forgot the passphrase used whilst creating the keys, because right after that I passed it to ssh-agent. But I still have it (the passphrase) stored in the ssh-agent on my laptop. How can I restore the passphrase from ssh-agent if I have root access and both keys?

boldnik
  • The ssh-agent would not survive a reboot. You never shut down your laptop? Or maybe you are talking about a password manager such as gnome-keyring or KWallet? – damienfrancois Oct 21 '13 at 16:12
  • If ssh-agent stores the passphrase only for a session then it must be somewhere else, because I can easily ssh into the server w/o passphrase after reboot. – boldnik Oct 21 '13 at 22:19
  • Already used a script to extract passwords from the keyring, but I simply do not use it and the response is `Extracting keys from "Session" keyring: Keyring "Session" is empty`. – boldnik Oct 21 '13 at 22:21

1 Answer

1

As far as I understand it, the passphrase is used to encrypt the private key. ssh-agent doesn't remember the passphrase - it remembers the decrypted private key.

And, as damienfrancois mentioned, it shouldn't remember it past a reboot.

If you wished to extract the decrypted private keys from ssh-agent itself, you would have to find a tool written to search the memory of the running process and locate keys. One such tool can be found here, but you may well find it very challenging to use.

For a more practical answer, you can just delete your keys from ~/.ssh/id*, make new ones that you know the passphrase for, and move on - for a new machine, you probably haven't gotten too reliant on them yet.

Murph
  • How is it possible that I do not enter a passphrase from my laptop but I need to do this with the same key from any other location? – boldnik Oct 22 '13 at 21:29
  • When you enter the passphrase, it decodes the key. I assume something on your laptop (ssh-agent, gnome-keyring, idk) has cached that decrypted value. – Murph Oct 22 '13 at 22:19
  • You're probably right, but I can't get why I could use the key w/o passphrase easily while with it just failed. – boldnik Oct 24 '13 at 09:38
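
Added example, not part of the original thread: the answer's point that the passphrase encrypts the private key file can be checked on the file itself. This Python sketch reads the cipher and KDF names from a key's header (the OpenSSH `openssh-key-v1` container or legacy PEM headers); the function names are hypothetical and the sample keys are constructed with dummy payloads.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"  # magic of the OpenSSH private key container

def _read_string(buf, off):
    """Read one SSH wire string (uint32 length + bytes); return (value, next offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n], off + 4 + n

def key_protection(text):
    """Return (encrypted, cipher, kdf) read from a private key file's header."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if len(lines) < 3 or not lines[0].startswith("-----BEGIN "):
        raise ValueError("not a PEM-armoured private key")
    if "ENCRYPTED PRIVATE KEY" in lines[0]:  # PKCS#8, cipher is inside the ASN.1
        return True, "unknown", "pkcs8"
    if lines[0] != "-----BEGIN OPENSSH PRIVATE KEY-----":
        # Legacy PEM announces encryption in Proc-Type / DEK-Info headers.
        if "Proc-Type: 4,ENCRYPTED" not in lines:
            return False, "none", "none"
        dek = next((l for l in lines if l.startswith("DEK-Info:")), "DEK-Info: unknown")
        return True, dek.split(":", 1)[1].split(",")[0].strip(), "legacy-pem"
    blob = base64.b64decode("".join(lines[1:-1]))
    if not blob.startswith(MAGIC):
        raise ValueError("bad openssh-key-v1 magic")
    cipher, off = _read_string(blob, len(MAGIC))
    kdf, _ = _read_string(blob, off)
    return cipher != b"none", cipher.decode(), kdf.decode()

def make_sample(cipher, kdf):
    """Constructed sample: real header layout, dummy bytes instead of key material."""
    s = lambda b: struct.pack(">I", len(b)) + b
    blob = (MAGIC + s(cipher) + s(kdf) + s(b"") + struct.pack(">I", 1)
            + s(b"dummy-public") + s(b"dummy-private"))
    b64 = base64.b64encode(blob).decode()
    body = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{body}\n-----END OPENSSH PRIVATE KEY-----\n"

# Constructed legacy-PEM sample (dummy IV and body, not a real key).
LEGACY_SAMPLE = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,00000000000000000000000000000000

ZHVtbXk=
-----END RSA PRIVATE KEY-----
"""
```

Pass the text of a key file, for example `key_protection(open(path).read())`; a result of `(False, 'none', 'none')` means the file is stored unencrypted and needs no passphrase.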