making the passphrase prompt more clear

Eitan Adler lists at
Wed Sep 3 09:11:52 EST 2014

On 2 September 2014 15:52, Aidan Feldman <aidan.feldman at> wrote:
> I am going to preface this email by saying that I know very little
> about OpenSSH internals, the protocol, etc.
> I do a lot of work with novice programmers, and one step that comes up
> relatively early is generating SSH keys.  In case you haven't done it
> in a while, the output looks like this:
> $ ssh-keygen -t rsa
> Generating public/private rsa key pair.
> Enter file in which to save the key (/Users/aidan/.ssh/id_rsa):
> Enter passphrase (empty for no passphrase):
> When that last step comes up, I am regularly asked, "Does it mean the
> system password, or a new one?"  A slight tweak of the language could
> easily eliminate that confusion... something like "Enter passphrase
> for the new key" or "Enter new passphrase".

Perhaps "Enter new passphrase to encrypt the key (empty for no encryption):"

This makes it clear that it needs to be a new phrase, and what it will
be used for.

Eitan Adler

More information about the openssh-unix-dev mailing list