step crypto change-pass
Name
step crypto change-pass -- change password of an encrypted private key (PEM or JWK format)
Usage
step crypto change-pass <key-file>
[--out=<file>] [--password-file=<file>] [--new-password-file=<file>]
[--insecure] [--no-password]
Description
step crypto change-pass extracts and decrypts the private key from a file and encrypts and serializes the key to disk using a new password.
Positional arguments
key-file
The PEM or JWK file with the encrypted key.
Options
--password-file=file
The path to the file containing the password to decrypt the private key.
--new-password-file=file
The path to the file containing the password to encrypt the private key.
--out=file, --output-file=file
The file new encrypted key path. Default to overwriting the key positional argument
-f, --force Force the overwrite of files without asking.
--insecure
--no-password Do not ask for a password to encrypt a private key. Sensitive key material will be written to disk unencrypted. This is not recommended. Requires --insecure flag.
Examples
Change password for PEM formatted key:
$ step crypto change-pass key.pem
Remove password for PEM formatted key:
$ step crypto change-pass key.pem --no-password --insecure
Change password for PEM formatted key and write encrypted key to different file:
$ step crypto change-pass key.pem --out new-key.pem
Change password for JWK formatted key:
$ step crypto change-pass key.jwk
Removed password for JWK formatted key:
$ step crypto change-pass key.jwk --no-password --insecure
Change password for JWK formatted key:
$ step crypto change-pass key.jwk --out new-key.jwk
Introducing
Device Identity
Ensure that only company-owned devices can access your enterprise's most sensitive resources.
