How to Crack an SSH Private Key Passphrase


1. Check whether the SSH private key is passphrase protected. To do this, read the contents of the private key file; if its header contains 'Encrypted', the key is passphrase protected.
[Screenshot: an example of a private key header indicating that the key is passphrase protected.]

2. Locate the ssh2john.py script, which is on Kali Linux by default, or download it onto your machine using wget.

locate ssh2john.py
# OR
wget https://raw.githubusercontent.com/openwall/john/bleeding-jumbo/run/ssh2john.py

3. Using ssh2john.py, convert the private key into a hash that the password cracking tool John the Ripper can crack.

python ssh2john.py id_rsa > id_rsa.hash
[Screenshot: converting the SSH private key into a crackable hash using ssh2john.py.]

4. Crack the hash of the private key (id_rsa.hash) to determine its passphrase using John the Ripper. In this example, the cracked passphrase is highlighted by the red box within the screenshot.

sudo john id_rsa.hash -wordlist=<wordlistofyourchoice>

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

I hope this guide has helped you and thank you for reading. :)
