This is something I've wanted to do for a while now.
There wasn't a question already for it so I'm putting one in.
How do you remove a password from a .key file using OpenSSL.
Asked
Active
Viewed 8.1k times
2 Answers
45
Just use
openssl rsa -in original.key -out new.key
You will be prompted for your original password, so enter that first then the new key will be written afterwards.
Note you could have the -in and -out parameters be the same but if you get it wrong you could mess up your key.
Also note that if you actually want to change your password you don't need to remove the original first just use:
openssl rsa -aes256 -in original.key -out new.key
That will prompt you for the original key.
Then it will prompt for the new key (twice)
Matt Vukomanovic
- 931
3
I've had this recently, and the generally accepted answer above (which seems to be repeated pretty much across the interweb) no longer (?) just prompts you for the passphrase when you run it, it just recreates a still-passphrased key. You need to explicitly specify the input passphrase and leave no output passphrase when running the command, like so:
openssl rsa -in original.key -out new.key -passin pass:your_original_passphrase
This may be a new behaviour in openssl rsa command, or it may be specific to the Ubuntu variant of openssl, but anyway, this is my experience.
Martin Greenaway
- 131
- 3