Crack SSH Keys (id_rsa) with John & rockyou.txt

Crack SSH Keys (id_rsa) with John & rockyou.txt | Password Cracking

Abhinav Gyawali

Sometimes I build stuff, sometimes I hack stuff.

More posts by Abhinav Gyawali.

Abhinav Gyawali

1 Dec 2019 • 1 min read

With John, we can crack not only simple password hashes but also SSH Keys. It is pretty simple, so let's get started.

#copying the SSH Key that we have to crack
cp ~/.ssh/id_rsa id_rsa

We will need a script, ssh2john.py. It comes along with Kali so, you don't really need to download it.

#finding the file
updatedb
locate ssh2john.py
cp $(locate ssh2john.py) .

#now, we will create a hash using it
python ssh2john.py id_rsa > id_rsa.hash

Now, let's find and copy rockyou.txt.gz, our wordlist.

locate rockyou.txt
cp $(locate rockyou.txt) .

#now, unzip the file
gunzip rockyou.txt.gz

Finally, let's use john and rockyou.txt to try and crack the SSH Key.

john id_rsa.hash -wordlist=rockyou.txt

Congratulations! Have fun SSHing!

Crack SSH Keys (id_rsa) with John & rockyou.txt | Password Cracking

Abhinav Gyawali

Abhinav Gyawali

Windows Privilege Escalation: DNSAdmins to Domain Admins - Server Level DLL Injection

SwagShop | HackTheBox Walkthrough