Wednesday, April 9, 2008

Tool for Cracking Passphrases on Encrypted SSH Keys

phrasen drescher

phrasendrescher is a cracking tool used for the purpose of finding the pass phrase for RSA or DSA keys as they would be used by SSH for instance. It performs wordlist and rule based attacks against the key. The tool can be used on multiple keys at once and is known to run on FreeBSD, NetBSD, OpenBSD, MacOS and Linux.

It can run at around 17 000 guesses per second (on my ~2GHz PC at least). It supports dictionary-based guessing, permutations of dictionary words (e.g. l33t) and pure brute force. I'd include an example of it running, but the documentation on the home page is pretty good too, so you may as well read that instead. You can download it from

No comments: