On Thu, Dec 03, 2015 at 07:53:33AM +1100, Igor Cicimov wrote: > On 03/12/2015 6:54 AM, "Jesus Moran" <[email protected]> wrote: > Just remove the passphrase: > > openssl rsa -in /path/to/originalkeywithpass.key -out > /path/to/newkeywithnopass.key
Please be aware that this exposes the keys to whoever has access to the machine or the hard disks. We had plans for doing something nice regarding this, but the timeframe was too short for 1.6. We should have it by 1.7 though. So indeed for now you have to make your keys accessible in clear text. Just a suggestion, load your keys from /dev/shm/unreadale-dir/some-protected-dir/ and decrypt your keys there at boot time. That way if your machine is stolen or if you're using a shared storage medium, your clear-text keys will never be exposed. Willy
