The FreeBSD Diary

A passphrase is often associated with ssh and pgp identity keys.  In order to use the keys, you must enter your secret passphrase.  But passphrases are optional, as you can see in the above link.

To further protect your private key you should enter a passphrase to encrypt the key when it is stored in the filesystem. This will prevent people from using it even if the gain access to your files.

Always, always, type in a good pass-phrase when prompted for one. It can be multiple words (i.e. spaces are just fine within the phrase), so you could choose a sentence that you can remember. Changing some  of the words by misspelling them or by changing some of the letters into digits is highly recommended to  increase the strength of your pass phrase.

I know what you are thinking, the purpose of you trying scp in the first place was so you didn't have to enter a password (or passphrase), or store them in clear text in your scripts.  And you are right, you will be prompted for your passphrase if you set one.   But I did a little research and found a way around that.  The ssh protocol suite has two utilities for this, ssh-agent and ssh-add.  What you would do is run "ssh-agent $SHELL" and use "ssh-add" to add your public key's passphrase into memory.  I hope I am making sense, because like I said my knowledge of crypto, and ssh is not great, but I set my system up like this and it works for me.   I found a very good resource at http://csociety.ecn.purdue.edu/~sigos/projects/ssh/overview/ if you would like to check it out.