Cracking SSH Private key passphrase
Using John the Ripper!
Step 1
Copy the private key you want to crack into your working directory.
cp ~/.ssh/id_rsa id_rsa
Step 2
To brute-force the passphrase with john, the key first has to be converted into a hash format john understands. For this, use ssh2john.py, which comes pre-installed on Kali Linux. You can find it with the locate command and copy it to your current working directory.
updatedb #updatedb creates or updates a database used by locate(1)
locate ssh2john.py
cp $(locate ssh2john.py) .
Step 3
Next, create the hash file from id_rsa so that john can work on it.
python ssh2john.py id_rsa > id_rsa.hash
Step 4
To conduct the brute force, you need a wordlist. You can try the rockyou wordlist pre-installed in Kali Linux.
locate rockyou.txt.gz
cp $(locate rockyou.txt.gz) .
Decompress the file:
gunzip rockyou.txt.gz
Step 5
Finally, run john against the hash with rockyou.txt to recover the passphrase.
john id_rsa.hash --wordlist=rockyou.txt
Good Luck cracking it!
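An added defender-side example, not part of the original post and not code from John the Ripper: the wordlist attack above is cheap against keys stored in the legacy PEM format (the "-----BEGIN RSA PRIVATE KEY-----" style with Proc-Type/DEK-Info headers), where each guess costs a single MD5 pass, while the current OpenSSH format runs each guess through bcrypt with a configurable round count (ssh-keygen's default is 16). The script below, standard library only, classifies a private key file by format and passphrase protection so weak or unencrypted keys can be found and re-keyed with ssh-keygen -p -o -a 100. The sample keys are constructed headers with no real key material, and the 16-round threshold in assess() is a choice made for this example.

```python
# Added example (not from the original post): classify an SSH private key
# file by how its passphrase is protected, so keys that are cheap to crack
# with a wordlist can be found and re-keyed. Standard library only; the
# sample keys below are constructed, not real keys.
import base64
import struct

AUTH_MAGIC = b"openssh-key-v1\x00"  # prefix of the new OpenSSH key format


def _read_string(buf, off):
    """Read one SSH wire-format string (uint32 length + bytes) at offset."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n


def classify_private_key(text):
    """Return a dict describing the key format and its passphrase protection."""
    lines = text.strip().splitlines()
    header = lines[0].strip()

    if header == "-----BEGIN OPENSSH PRIVATE KEY-----":
        b64 = "".join(l.strip() for l in lines[1:] if not l.startswith("-----"))
        blob = base64.b64decode(b64)
        if not blob.startswith(AUTH_MAGIC):
            raise ValueError("not an openssh-key-v1 blob")
        off = len(AUTH_MAGIC)
        cipher, off = _read_string(blob, off)
        kdf, off = _read_string(blob, off)
        kdfopts, off = _read_string(blob, off)
        if cipher == b"none":
            return {"format": "openssh", "encrypted": False, "kdf": None, "rounds": None}
        rounds = None
        if kdf == b"bcrypt":
            # kdfoptions = string salt || uint32 rounds
            _salt, o = _read_string(kdfopts, 0)
            (rounds,) = struct.unpack(">I", kdfopts[o:o + 4])
        return {"format": "openssh", "encrypted": True, "kdf": kdf.decode(), "rounds": rounds}

    if header == "-----BEGIN ENCRYPTED PRIVATE KEY-----":
        # PKCS#8 with PBES2; the iteration count sits inside the DER and is not parsed here
        return {"format": "pkcs8", "encrypted": True, "kdf": "pbes2", "rounds": None}

    if header.startswith("-----BEGIN ") and header.endswith(" PRIVATE KEY-----"):
        # Legacy PEM (RSA/DSA/EC): encryption is signalled by Proc-Type/DEK-Info headers,
        # and the key is derived with one MD5 pass (EVP_BytesToKey), so guesses are cheap
        encrypted = any(l.startswith("Proc-Type: 4,ENCRYPTED") for l in lines)
        return {"format": "pem", "encrypted": encrypted,
                "kdf": "md5-evp" if encrypted else None,
                "rounds": 1 if encrypted else None}

    raise ValueError("unrecognised private key header")


def assess(info):
    """Turn classify_private_key() output into a verdict a key audit can act on."""
    if not info["encrypted"]:
        return "FAIL: no passphrase"
    if info["format"] == "pem":
        return "WEAK: legacy PEM encryption (one MD5 pass per guess); run ssh-keygen -p -o -a 100"
    if info["kdf"] == "bcrypt":
        if info["rounds"] is not None and info["rounds"] >= 16:  # threshold chosen for this example
            return f"OK: bcrypt KDF, {info['rounds']} rounds"
        return f"WEAK: bcrypt rounds too low ({info['rounds']}); run ssh-keygen -p -a 100"
    return f"REVIEW: {info['format']} key, kdf={info['kdf']}"


def _string(b):
    return struct.pack(">I", len(b)) + b


def build_openssh_sample(cipher, kdf, rounds):
    """Constructed sample: only the header fields of an openssh-key-v1 blob,
    which is all the classifier reads (no real key material follows)."""
    kdfopts = _string(b"\x00" * 16) + struct.pack(">I", rounds) if kdf == b"bcrypt" else b""
    blob = AUTH_MAGIC + _string(cipher) + _string(kdf) + _string(kdfopts) + struct.pack(">I", 1)
    b64 = base64.b64encode(blob).decode()
    body = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{body}\n-----END OPENSSH PRIVATE KEY-----\n"


# Constructed legacy PEM samples; the body is filler text, not a real key.
LEGACY_ENCRYPTED = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF

Q29uc3RydWN0ZWQgc2FtcGxlLCBub3QgcmVhbCBrZXkgbWF0ZXJpYWw=
-----END RSA PRIVATE KEY-----
"""

LEGACY_PLAIN = """-----BEGIN RSA PRIVATE KEY-----
Q29uc3RydWN0ZWQgc2FtcGxlLCBub3QgcmVhbCBrZXkgbWF0ZXJpYWw=
-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    samples = [("legacy-encrypted", LEGACY_ENCRYPTED),
               ("legacy-plain", LEGACY_PLAIN),
               ("openssh-bcrypt-100", build_openssh_sample(b"aes256-ctr", b"bcrypt", 100)),
               ("openssh-none", build_openssh_sample(b"none", b"none", 0))]
    for name, key in samples:
        print(f"{name:20s} {assess(classify_private_key(key))}")
```

To audit a real file, read it with open(path).read() and pass the text to classify_private_key(); a "WEAK" or "FAIL" verdict is the cue to re-key with ssh-keygen -p -o -a 100 -f id_rsa, which rewrites the key in the OpenSSH format with 100 bcrypt rounds under a fresh passphrase.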