NAME

step crypto change-pass – change password of an encrypted private key (PEM or JWK format)

USAGE

step crypto change-pass key-file [–out=file] [–insecure] [–no-password]

DESCRIPTION

step crypto change-pass extracts and decrypts the private key from a file and encrypts and serializes the key to disk using a new password.

POSITIONAL ARGUMENTS

key-file
The PEM or JWK file with the encrypted key.

OPTIONS

–out=file, –output-file=file
The file new encrypted key path. Default to overwriting the key positional argument
-f, –force
Force the overwrite of files without asking.
–insecure
–no-password
Do not ask for a password to encrypt the private key. Sensitive key material will be written to disk unencrypted. This is not recommended. Requires –insecure flag.

EXAMPLES

Change password for PEM formatted key:

$ step crypto change-pass key.pem

Remove password for PEM formatted key:

$ step crypto change-pass key.pem --no-password --insecure

Change password for PEM formatted key and write encrypted key to different file:

$ step crypto change-pass key.pem --out new-key.pem

Change password for JWK formatted key:

$ step crypto change-pass key.jwk

Removed password for JWK formatted key:

$ step crypto change-pass key.jwk --no-password --insecure

Change password for JWK formatted key:

$ step crypto change-pass key.jwk --out new-key.jwk