Once you’ve come across an SSH key, they are sometimes encrypted and require a password to be passed along with it before you’re able to successfully use it for authentication. When this occurs, we can leverage John to extract the hash used to encrypt this key and attempt to crack it offline.
First, we’ll start by extracting the hash using SSHng2John.
python sshng2john.py ssh.key
Then we can rerun the above command, but redirect to a file.
python sshng2john.py /root/ssh.key > hash.ssh
And finally, we can pass it to John for cracking against a dictionary file.
john --wordlist=/opt/wordlists/rockyou.txt hash.ssh