How to tell if key is encrypted?

Damien Miller djm at
Fri Nov 21 22:25:20 EST 2003

On Fri, 2003-11-21 at 18:25, Bob Proulx wrote:
> I would like to automatically deduce in a script if an ssh key is
> encrypted or not.  Basically in a very particular application I want
> to be the BOFH and enforce that users place a passphrase on their
> id_rsa key.  If they don't put a passphrase I want to send them back
> to ssh-keygen until they do.  I have not been able to deduce a way to
> detect this yet.  Any hints?

For protocol v2 keys:

if openssl rsa -noout -passin pass:none -in /path/to/key ; then
	echo user is a dork


More information about the openssh-unix-dev mailing list