How can I remove an SSH key

Question

I currently have an old SSH key uploaded on a server  The problem is I lost my    ssh directory  with the original id rsa and id rsa pub files   Consequently  I want to remove the old SSH key directly on the server and upload a new one  I tried the following command without success    gt  ssh-add -D   Is there a way to completely remove an SSH key

User · Answer

If you re trying to perform an SSH-related operation and get the following error    git fetch no such identity   lt ssh key path gt   No such file or directory  You can remove the missing SSH key from your SSH agent with the following    eval  ssh-agent -s     start ssh agent   ssh-add -D  lt ssh key path gt     delete ssh key

User · Answer

I can confirm that this bug is still present in Ubuntu  19 04  Disco Dingo   The workaround suggested by VonC worked perfectly  summarizing for my version   Click on Activities tab on top left corner On the search box that comes up  begin typing  quot startup applications quot  Click on the  quot Startup Applications quot  icon On the box that pops up  select the gnome key ring manager application  can t remember the exact name on the GUI but it is distinctive enough  and remove it   Next  I tried ssh-add -D again  and after reboot ssh-add -l told me The agent has no identities  I confirmed that I still had the ssh-agent daemon running with ps aux   grep agent  So I added the key I most frequently used with GitHub  ssh-add    ssh id ecdsa  and all was good  Now I can do the normal operations with my most frequently used repository  and if I occasionally require access to the other repository which uses the RSA key  I just dedicate one terminal for it with export GIT SSH COMMAND  quot ssh -i  home me  ssh id rsa pub quot   Solved  Credit goes to VonC for pointing out the bug and the solution

User · Answer

Unless I m misunderstanding  you lost your  ssh directory containing your private key on your local machine and so you want to remove the public key which was on a server and which allowed key-based login  In that case  it will be stored in the  ssh authorized keys file in your home directory on the server  You can just edit this file with a text editor and delete the relevant line if you can identify it  even easier if it s the only entry    I hope that key wasn t your only method of access to the server and you have some other way of logging in and editing the file  You can either manually add a new public key to authorised keys file or use ssh-copy-id  Either way  you ll need password authentication set up for your account on the server  or some other identity or access method to get to the authorized keys file on the server  ssh-add adds identities to your SSH agent which handles management of your identities locally and  quot the connection to the agent is forwarded over SSH remote logins  and the user can thus use the privileges given by the identities anywhere in the network in a secure way  quot   man page   so I don t think it s what you want in this case  It doesn t have any way to get your public key onto a server without you having access to said server via an SSH login as far as I know

User · Answer

Note that there are at least two bug reports for ssh-add -d -D not removing keys    quot Debian Bug report  472477  ssh-add -D does not remove SSH key from gnome-keyring-daemon memory quot   quot Ubuntu  ssh-add -D deleting all identities does not work  Also  why are all identities auto-added  quot   The exact issue is   ssh-add -d -D deletes only manually added keys from gnome-keyring  There is no way to delete automatically added keys  This is the original bug  and it s still definitely present    So  for example  if you have two different automatically-loaded ssh identities associated with two different GitHub accounts -- say for work and for home -- there s no way to switch between them  GitHubtakes the first one which matches  so you always appear as your  home  user to GitHub  with no way to upload things to work projects    Allowing ssh-add -d to apply to automatically-loaded keys  and ssh-add -t X to change the lifetime of automatically-loaded keys   would restore the behavior most users expect    More precisely  about the issue   The culprit is gpg-keyring-daemon     It subverts the normal operation of ssh-agent  mostly just so that it can pop up a pretty box into which you can type the passphrase for an encrypted ssh key     And it paws through your  ssh directory  and automatically adds any keys it finds to your agent  And it won t let you delete those keys    How do we hate this  Let s not count the ways -- life s too short    The failure is compounded because newer ssh clients automatically try all the keys in your ssh-agent when connecting to a host  If there are too many  the server will reject the connection  And since gnome-keyring-daemon has decided for itself how many keys you want your ssh-agent to have  and has autoloaded them  AND WON T LET YOU DELETE THEM  you re toast   This bug is still confirmed in Ubuntu 14 04 4  as recently as two days ago  August 21st  2014   A possible workaround    Do ssh-add -D to delete all your manually added keys  This also locks the automatically added keys  but is not much use since gnome-keyring will ask you to unlock them anyways when you try doing a git push     Navigate to your    ssh folder and move all your key files except the one you want to identify with into a separate folder called backup  If necessary you can also open seahorse and delete the keys from there  Now you should be able to do git push without a problem    Another workaround   What you really want to do is to turn off gpg-keyring-daemon altogether  Go to System -- gt  Preferences -- gt  Startup Applications  and unselect the  quot SSH Key Agent  Gnome Keyring SSH Agent  quot  box -- you ll need to scroll down to find it    You ll still get an ssh-agent  only now it will behave sanely  no keys autoloaded  you run ssh-add to add them  and if you want to delete keys  you can  Imagine that   This comments actually suggests   The solution is to keep gnome-keyring-manager from ever starting up  which was strangely difficult by finally achieved by removing the program file s execute permission    Ryan Lue adds another interesting corner case in the comments   In case this helps anyone  I even tried deleting the id rsa and id rsa pub files altogether  and the key was still showing up    Turns out gpg-agent was caching them in a    gnupg sshcontrol file  I had to manually delete them from there   That is the case when the keygrip has been added as in here

User · Answer

I opened  Passwords and Keys  application in my Unity and removed unwanted keys from Secure Keys -  OpenSSH keys And they automatically had been removed from ssh-agent -l as well

User · Answer

Check if folder  ssh is on your system  Go to folder -- gt   Users administrator  ssh id ed25519 pub  If not  then  Open Terminal   Paste in the terminal  Check user   ssh -T git gitlab com  Remove existing SSH keys  Remove existing SSH keys   rm    ssh github rsa pub  Create New  Create new SSH key   ssh-keygen -t rsa -b 4096 -C  quot your email example com quot   The public key has been saved in  quot  Users administrator  ssh id ed25519 pub  quot   Open the public key saved path   Copy the SSH key   GitLab Account   Setting   SSH Key   Add key  Test again from the terminal   ssh -T git gitlab com

User · Answer

The solution for me  openSUSE Leap 42 3  KDE  was to rename the folder    gnupg which apparently contained the cached keys and profiles  After KDE logout logon the ssh-add agent is running again and the folder is created from scratch  but the old keys are all gone  I didn t have success with the other approaches

[git] How can I remove an SSH key?

Examples related to git

Examples related to ssh

Examples related to git-svn

Examples related to ssh-keys

Examples related to ssh-keygen