How can I remove an SSH key

Question

I currently have an old SSH key uploaded on a server. The problem is I lost my ~/.ssh directory (with the original id_rsa and id_rsa.pub files).

Consequently, I want to remove the old SSH key directly on the server and upload a new one.

I tried the following command without success:

$> ssh-add -D

Enter image description here

Is there a way to completely remove an SSH key?

User · Answer

If you re trying to perform an SSH-related operation and get the following error    git fetch no such identity   lt ssh key path gt   No such file or directory  You can remove the missing SSH key from your SSH agent with the following    eval  ssh-agent -s     start ssh agent   ssh-add -D  lt ssh key path gt     delete ssh key

User · Answer

The solution for me  openSUSE Leap 42 3  KDE  was to rename the folder    gnupg which apparently contained the cached keys and profiles  After KDE logout logon the ssh-add agent is running again and the folder is created from scratch  but the old keys are all gone  I didn t have success with the other approaches

User · Answer

Note that there are at least two bug reports for ssh-add -d -D not removing keys    quot Debian Bug report  472477  ssh-add -D does not remove SSH key from gnome-keyring-daemon memory quot   quot Ubuntu  ssh-add -D deleting all identities does not work  Also  why are all identities auto-added  quot   The exact issue is   ssh-add -d -D deletes only manually added keys from gnome-keyring  There is no way to delete automatically added keys  This is the original bug  and it s still definitely present    So  for example  if you have two different automatically-loaded ssh identities associated with two different GitHub accounts -- say for work and for home -- there s no way to switch between them  GitHubtakes the first one which matches  so you always appear as your  home  user to GitHub  with no way to upload things to work projects    Allowing ssh-add -d to apply to automatically-loaded keys  and ssh-add -t X to change the lifetime of automatically-loaded keys   would restore the behavior most users expect    More precisely  about the issue   The culprit is gpg-keyring-daemon     It subverts the normal operation of ssh-agent  mostly just so that it can pop up a pretty box into which you can type the passphrase for an encrypted ssh key     And it paws through your  ssh directory  and automatically adds any keys it finds to your agent  And it won t let you delete those keys    How do we hate this  Let s not count the ways -- life s too short    The failure is compounded because newer ssh clients automatically try all the keys in your ssh-agent when connecting to a host  If there are too many  the server will reject the connection  And since gnome-keyring-daemon has decided for itself how many keys you want your ssh-agent to have  and has autoloaded them  AND WON T LET YOU DELETE THEM  you re toast   This bug is still confirmed in Ubuntu 14 04 4  as recently as two days ago  August 21st  2014   A possible workaround    Do ssh-add -D to delete all your manually added keys  This also locks the automatically added keys  but is not much use since gnome-keyring will ask you to unlock them anyways when you try doing a git push     Navigate to your    ssh folder and move all your key files except the one you want to identify with into a separate folder called backup  If necessary you can also open seahorse and delete the keys from there  Now you should be able to do git push without a problem    Another workaround   What you really want to do is to turn off gpg-keyring-daemon altogether  Go to System -- gt  Preferences -- gt  Startup Applications  and unselect the  quot SSH Key Agent  Gnome Keyring SSH Agent  quot  box -- you ll need to scroll down to find it    You ll still get an ssh-agent  only now it will behave sanely  no keys autoloaded  you run ssh-add to add them  and if you want to delete keys  you can  Imagine that   This comments actually suggests   The solution is to keep gnome-keyring-manager from ever starting up  which was strangely difficult by finally achieved by removing the program file s execute permission    Ryan Lue adds another interesting corner case in the comments   In case this helps anyone  I even tried deleting the id rsa and id rsa pub files altogether  and the key was still showing up    Turns out gpg-agent was caching them in a    gnupg sshcontrol file  I had to manually delete them from there   That is the case when the keygrip has been added as in here

User · Answer

I can confirm that this bug is still present in Ubuntu 19.04 (Disco Dingo). The workaround suggested by VonC worked perfectly, summarizing for my version:

Click on Activities tab on top left corner
On the search box that comes up, begin typing "startup applications"
Click on the "Startup Applications" icon
On the box that pops up, select the gnome key ring manager application (can't remember the exact name on the GUI but it is distinctive enough) and remove it.

Next, I tried ssh-add -D again, and after reboot ssh-add -l told me The agent has no identities. I confirmed that I still had the ssh-agent daemon running with ps aux | grep agent. So I added the key I most frequently used with GitHub (ssh-add ~/.ssh/id_ecdsa) and all was good!

Now I can do the normal operations with my most frequently used repository, and if I occasionally require access to the other repository which uses the RSA key, I just dedicate one terminal for it with export GIT_SSH_COMMAND="ssh -i /home/me/.ssh/id_rsa.pub". Solved! Credit goes to VonC for pointing out the bug and the solution.

User · Answer

Check if folder  ssh is on your system  Go to folder -- gt   Users administrator  ssh id ed25519 pub  If not  then  Open Terminal   Paste in the terminal  Check user   ssh -T git gitlab com  Remove existing SSH keys  Remove existing SSH keys   rm    ssh github rsa pub  Create New  Create new SSH key   ssh-keygen -t rsa -b 4096 -C  quot your email example com quot   The public key has been saved in  quot  Users administrator  ssh id ed25519 pub  quot   Open the public key saved path   Copy the SSH key   GitLab Account   Setting   SSH Key   Add key  Test again from the terminal   ssh -T git gitlab com

User · Answer

I opened  Passwords and Keys  application in my Unity and removed unwanted keys from Secure Keys -  OpenSSH keys And they automatically had been removed from ssh-agent -l as well

User · Answer

Unless I m misunderstanding  you lost your  ssh directory containing your private key on your local machine and so you want to remove the public key which was on a server and which allowed key-based login  In that case  it will be stored in the  ssh authorized keys file in your home directory on the server  You can just edit this file with a text editor and delete the relevant line if you can identify it  even easier if it s the only entry    I hope that key wasn t your only method of access to the server and you have some other way of logging in and editing the file  You can either manually add a new public key to authorised keys file or use ssh-copy-id  Either way  you ll need password authentication set up for your account on the server  or some other identity or access method to get to the authorized keys file on the server  ssh-add adds identities to your SSH agent which handles management of your identities locally and  quot the connection to the agent is forwarded over SSH remote logins  and the user can thus use the privileges given by the identities anywhere in the network in a secure way  quot   man page   so I don t think it s what you want in this case  It doesn t have any way to get your public key onto a server without you having access to said server via an SSH login as far as I know

[git] How can I remove an SSH key?

The answer is

Examples related to git

Examples related to ssh

Examples related to git-svn

Examples related to ssh-keys

Examples related to ssh-keygen

Tags