SSH Key Passphrase Generator: Secure Passphrases for RSA and Ed25519 Keys
An SSH private key without a passphrase is a master key to every server it can authenticate against, with zero protection if the key file is ever copied, emailed by mistake, committed to a repository, or found on a stolen laptop. Adding a passphrase encrypts the private key file with a key that OpenSSH derives from the phrase through a deliberately slow key derivation function, so even if an attacker obtains the file, they cannot use it without also guessing the passphrase. The trade-off is that you must type the passphrase each time you use the key, unless you delegate that burden to an SSH agent like ssh-agent or 1Password's SSH agent, which caches the decrypted key for the duration of a session. This generator creates passphrases specifically tuned for SSH key protection: long enough to make offline cracking of the encrypted key file impractical, but also available as a multi-word passphrase variant you can type reliably at a terminal without a password manager at hand.
What Is an SSH Key Passphrase?
An SSH key passphrase is the credential that encrypts your SSH private key file at rest. Current OpenSSH derives an encryption key from it with the bcrypt KDF and encrypts the key file with AES-256-CTR by default (ssh-keygen -Z selects another cipher, such as chacha20-poly1305@openssh.com). The passphrase is not used for the SSH authentication itself; the key pair handles that. It only protects the key file from misuse if the file is exposed, and a strong passphrase makes offline brute-forcing of the encrypted file computationally infeasible.
How to Use the Password Generator
- Step 1: Generate your SSH key pair using ssh-keygen: 'ssh-keygen -t ed25519 -C "your_email@example.com"' (Ed25519 is preferred over RSA for new keys).
- Step 2: When prompted 'Enter passphrase', return to this generator and create a passphrase of at least 16 characters or 5+ words.
- Step 3: Choose whether you want a random character passphrase (higher entropy) or a word-based passphrase (easier to type at a terminal without copy-paste).
- Step 4: Click Generate and copy the result.
- Step 5: Paste it into the ssh-keygen passphrase prompt and confirm.
- Step 6: Save the passphrase in your password manager under the key's identifier — include the server or service the key is used for in the notes field.
Example
Example format — word passphrase (do not use this exact string): velvet-quarry-thatch-onward-prism
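The two variants the generator offers, written out as an added example in Python. This is illustrative code, not the site's generator: the word list is a short constructed one so the block runs offline, the entropy it reports is computed from whatever list or alphabet is actually used, and the 7776-word figure in the comments is the size of a real Diceware or EFF list.

```python
import math
import secrets
import string

# Constructed demo list (not the site's list). Real Diceware/EFF lists have 7776 words,
# which is what gives the ~12.9 bits per word usually quoted; pass such a list in for that.
DEMO_WORDS = (
    "velvet quarry thatch onward prism ember lantern gravel saddle tundra "
    "marble orchid cobalt falcon timber harbor meadow zephyr anchor bramble "
    "cinder dapple fathom glacier hemlock ivory juniper kestrel lichen mosaic "
    "nimbus obsidian pebble quiver rampart sable tallow umber verdant willow"
).split()

# Printable ASCII minus the space: a space survives an ssh-keygen prompt but is easy to
# lose when the passphrase is quoted in a shell script, so the character variant omits it.
CHAR_ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def entropy_bits(pool_size: int, picks: int) -> float:
    """Entropy of `picks` independent, uniform, with-replacement draws from `pool_size`."""
    return picks * math.log2(pool_size)


def list_size_for(target_bits: float, picks: int) -> int:
    """Smallest word list that reaches `target_bits` in `picks` words (why Diceware is ~7776)."""
    return math.ceil(2 ** (target_bits / picks))


def char_passphrase(length: int = 16) -> str:
    # secrets, not random: the generator must be a CSPRNG or the entropy figure is fiction.
    return "".join(secrets.choice(CHAR_ALPHABET) for _ in range(length))


def word_passphrase(words=DEMO_WORDS, count: int = 5, sep: str = "-") -> str:
    return sep.join(secrets.choice(words) for _ in range(count))


def generate(kind: str, critical: bool = False, words=DEMO_WORDS):
    """Return (passphrase, entropy_bits) for kind 'chars' or 'words', using the page's
    minimums (16 chars / 5 words) or its critical-infrastructure standard (20 / 6)."""
    if kind == "chars":
        n = 20 if critical else 16
        return char_passphrase(n), entropy_bits(len(CHAR_ALPHABET), n)
    if kind == "words":
        n = 6 if critical else 5
        return word_passphrase(words, n), entropy_bits(len(words), n)
    raise ValueError(f"unknown kind {kind!r}")


if __name__ == "__main__":
    for kind in ("chars", "words"):
        p, bits = generate(kind)
        print(f"{kind:5s} {p}  ({bits:.1f} bits with this alphabet/list)")
    print("5 Diceware words from a 7776-word list:", round(entropy_bits(7776, 5), 1), "bits")
    print("list size needed for 65 bits in 5 words:", list_size_for(65, 5))
```

Run it and note the numbers: 16 random characters from the 94-symbol alphabet give about 105 bits, five words from a 7776-word list about 65 bits, but five words from the 40-word demo list only about 27 bits. That gap is the whole reason Diceware lists are thousands of words long, and why a word passphrase from a small personal vocabulary is much weaker than it looks.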
Pro Tips
- Ed25519 is preferred over RSA-2048 for new SSH keys: signing and verification are faster, the keys are far smaller, and the scheme fixes the curve and hash so there are fewer parameters to get wrong. RSA-2048 is not broken, but if a legacy server forces you to use RSA, generate at least 3072 bits (the ssh-keygen default since OpenSSH 8.0) and confirm the server accepts rsa-sha2-256/512 signatures, because OpenSSH 8.8 disabled the SHA-1 based ssh-rsa signature scheme by default.
- Use ssh-agent or a tool like 1Password's SSH agent to cache your decrypted key for a session — you type the passphrase once at login rather than on every SSH command.
- Never commit SSH private keys to version control, even private repositories. Put key-file patterns (id_rsa, id_ed25519, *.pem, *.key) in a global gitignore (git config --global core.excludesFile) and install a pre-commit secret scanner such as git-secrets or gitleaks, so the rule is enforced rather than remembered.
- Store the private key with mode 600 (chmod 600 ~/.ssh/id_ed25519) — SSH will refuse to use keys with overly permissive file permissions.
- Rotate SSH key passphrases using 'ssh-keygen -p -f ~/.ssh/id_ed25519' — this re-encrypts the existing key with a new passphrase without changing the key pair itself.
Ready to Try It?
Free, browser-based, no signup required.
FAQ
OpenSSH 6.5 introduced the openssh-key-v1 private key format (ssh-keygen -o, the default since OpenSSH 7.8). In that format the passphrase goes through bcrypt_pbkdf, a deliberately slow KDF whose cost is set by ssh-keygen -a (16 rounds by default; 100 or more is reasonable for a key you unlock once per session), and the derived key encrypts the private section with AES-256-CTR by default (ssh-keygen -Z selects another cipher, such as chacha20-poly1305@openssh.com). Every guess an attacker makes against the file costs a full bcrypt run, so offline brute force is slow. Keys in the older PEM format (files beginning 'BEGIN RSA PRIVATE KEY') derive their encryption key with OpenSSL's single-iteration MD5 KDF, which is cheap to brute-force. You do not need a new key pair to fix that: 'ssh-keygen -p -o -a 100 -f ~/.ssh/id_rsa' re-encrypts the existing key in the new format with a stronger KDF.
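The format details above are enough to audit a key file without ssh-keygen: the cipher name, KDF name and bcrypt round count sit unencrypted at the front of the openssh-key-v1 blob, and legacy PEM files announce encryption in their Proc-Type/DEK-Info header lines. The following is an added example (not OpenSSH code) that parses only that header, following the layout in OpenSSH's PROTOCOL.key document, and flags keys that lack a passphrase, use the legacy MD5 KDF, or use too few bcrypt rounds. The sample key files it runs on are constructed fixtures with random bytes in place of key material, so it runs offline.

```python
import base64
import secrets
import struct

MAGIC = b"openssh-key-v1\x00"
NEW_BEGIN = "-----BEGIN OPENSSH PRIVATE KEY-----"
NEW_END = "-----END OPENSSH PRIVATE KEY-----"
LEGACY_KEYWORDS = ("RSA", "DSA", "EC")   # "-----BEGIN RSA PRIVATE KEY-----" etc.


def _ssh_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data


def _read_string(buf: bytes, off: int):
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    return buf[off:off + n], off + n


def inspect_private_key(text: str) -> dict:
    """Report how (and whether) a private key file is protected, reading only its header."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    head = lines[0]
    if head.startswith("-----BEGIN ") and head.split()[1] in LEGACY_KEYWORDS:
        # Legacy PEM: "Proc-Type: 4,ENCRYPTED" plus "DEK-Info: <cipher>,<iv>" mean the key
        # was encrypted under a key from OpenSSL's EVP_BytesToKey (one MD5 pass).
        encrypted = any(ln.startswith("Proc-Type: 4,ENCRYPTED") for ln in lines)
        dek = next((ln for ln in lines if ln.startswith("DEK-Info:")), "DEK-Info: none")
        return {"format": "legacy-pem", "key_type": head.split()[1].lower(),
                "encrypted": encrypted, "kdf": "md5-evp-bytestokey" if encrypted else "none",
                "rounds": 1 if encrypted else 0,
                "cipher": dek.split(":", 1)[1].split(",")[0].strip()}
    if head != NEW_BEGIN or lines[-1] != NEW_END:
        raise ValueError("unrecognised private key file")
    blob = base64.b64decode("".join(lines[1:-1]))
    if not blob.startswith(MAGIC):
        raise ValueError("bad openssh-key-v1 magic")
    off = len(MAGIC)
    cipher, off = _read_string(blob, off)
    kdf, off = _read_string(blob, off)
    kdfopts, off = _read_string(blob, off)
    (nkeys,) = struct.unpack_from(">I", blob, off)
    off += 4
    pub, off = _read_string(blob, off)        # the public key is stored in the clear
    key_type, _ = _read_string(pub, 0)
    rounds = 0
    if kdf == b"bcrypt":
        _salt, o = _read_string(kdfopts, 0)   # kdfoptions = string salt, uint32 rounds
        (rounds,) = struct.unpack_from(">I", kdfopts, o)
    return {"format": "openssh-key-v1", "key_type": key_type.decode(),
            "encrypted": cipher != b"none", "kdf": kdf.decode(), "rounds": rounds,
            "cipher": cipher.decode(), "keys": nkeys}


def findings(info: dict, min_rounds: int = 16) -> list:
    """Audit verdicts a practitioner would raise when sweeping ~/.ssh or a backup."""
    out = []
    if not info["encrypted"]:
        out.append("no passphrase: anyone holding the file can use the key")
    elif info["format"] == "legacy-pem":
        out.append("legacy MD5 KDF: re-encrypt with ssh-keygen -p -o -a 100 -f <key>")
    elif info["rounds"] < min_rounds:
        out.append(f"bcrypt rounds {info['rounds']} < {min_rounds}: raise with ssh-keygen -a")
    return out


def build_sample_openssh_key(cipher: str, kdf: str, rounds: int) -> str:
    """Constructed fixture: the real openssh-key-v1 header layout around random bytes
    standing in for key material, so the example needs no ssh-keygen to run."""
    pub = _ssh_string(b"ssh-ed25519") + _ssh_string(secrets.token_bytes(32))
    kdfopts = (_ssh_string(secrets.token_bytes(16)) + struct.pack(">I", rounds)
               if kdf == "bcrypt" else b"")
    blob = (MAGIC + _ssh_string(cipher.encode()) + _ssh_string(kdf.encode())
            + _ssh_string(kdfopts) + struct.pack(">I", 1) + _ssh_string(pub)
            + _ssh_string(secrets.token_bytes(160)))    # stands in for the private section
    b64 = base64.b64encode(blob).decode()
    return "\n".join([NEW_BEGIN] + [b64[i:i + 70] for i in range(0, len(b64), 70)] + [NEW_END])


# Constructed legacy-format fixture: only the header lines matter, the body is filler.
LEGACY_SAMPLE = "\n".join([
    "-----BEGIN RSA PRIVATE KEY-----",
    "Proc-Type: 4,ENCRYPTED",
    "DEK-Info: AES-128-CBC,0123456789ABCDEF0123456789ABCDEF",
    "",
    base64.b64encode(b"\x00" * 48).decode(),
    "-----END RSA PRIVATE KEY-----",
])

if __name__ == "__main__":
    for label, sample in [("strong", build_sample_openssh_key("aes256-ctr", "bcrypt", 100)),
                          ("unencrypted", build_sample_openssh_key("none", "none", 0)),
                          ("legacy", LEGACY_SAMPLE)]:
        info = inspect_private_key(sample)
        print(f"{label:12s} {info}  -> {findings(info) or 'ok'}")
```

Point inspect_private_key at the contents of a real id_ed25519 or id_rsa file and it reports the same fields; the inspector never needs the passphrase because everything it reads precedes the encrypted section. The round count is the one field worth acting on: a key generated with the default -a 16 is fine, but one showing kdf "none" or the legacy format is a finding, not a style preference.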
An SSH passphrase protects the private key file at rest — it never leaves your local machine and is used only to decrypt the key for use. An SSH password (password authentication) is sent to the remote server during login. Password authentication is less secure and should be disabled on servers in favor of key-based authentication. The passphrase is purely local protection for the key file.
Security professionals recommend always using a passphrase, because 'secure machine' is a current state, not a permanent guarantee. Laptops are lost and stolen. Servers are compromised. Cloud instances have snapshots taken. A passphrase ensures that obtaining the key file is not sufficient — an attacker also needs the passphrase, buying critical time to revoke the key and audit access.
At least 16 characters for a random character passphrase (about 105 bits when drawn from the 94 printable non-space ASCII characters), or five words for a Diceware-style passphrase (about 65 bits from a 7776-word list). The bcrypt KDF helps, because each guess costs the attacker a full key derivation rather than a single fast hash, but it only multiplies the attacker's work by a constant; the length and randomness of the passphrase still set the real margin. For keys protecting access to critical infrastructure, six words or 20 characters is a reasonable standard.
Ideally yes — different passphrases for different keys mean that a compromised passphrase (observed, phished, or found in a note) does not expose all your keys at once. In practice, many security teams use a single strong passphrase across keys on a given machine and compensate by rotating keys regularly and using an SSH agent that limits the exposure window.
Yes: run 'ssh-keygen -p -f ~/.ssh/id_ed25519' and press Enter at both new-passphrase prompts (or pass -N '' to do it non-interactively). An unencrypted key is appropriate only for automated deployment systems, CI/CD pipelines, and machine-to-machine authentication where nobody is present to type a passphrase, and even there short-lived credentials (SSH certificates, or the CI provider's secret store) are preferable to a long-lived file on disk. Where a static key is unavoidable, scope it in the server's authorized_keys with options such as from= (permitted source addresses), command= (a forced command) and restrict (which disables port, agent and X11 forwarding and PTY allocation), so that an exposed key can do only the one job it was issued for.
If you lose the passphrase to an encrypted SSH private key, the key is unrecoverable — the encryption is designed to make this true. You must generate a new key pair, distribute the new public key to all servers that used the old key, and revoke the old public key from authorized_keys files. This is why storing the passphrase in a password manager is critical.