With SSH keys, if someone gains access to your computer, the attacker can gain access to every system that uses that key. To add an extra layer of security, you can add a passphrase to your SSH key. To avoid entering the passphrase every time you connect, you can securely save your passphrase in the SSH agent.
You can change the passphrase for an existing private key without regenerating the keypair by typing the following command:
$
ssh-keygen -p -f ~/.ssh/id_ed25519
>
Enter old passphrase: [Type old passphrase]
>
Key has comment
'your_email@example.com'
>
Enter new passphrase (empty
for
no passphrase): [Type new passphrase]
>
Enter same passphrase again: [Repeat the new passphrase]
>
Your identification has been saved with the new passphrase.
If your key already has a passphrase, you will be prompted to enter it before you can change to a new passphrase.