How can I remove a gpg key that I added using apt-key add -?
First you need to find the key id of the key you added. Do this with the command:
sudo apt-key list
It will list all the keys that you have, with each entry looking like this:
pub 1024R/B455BEF0 2010-07-29
uid Launchpad clicompanion-nightlies
Once you have figured out which key to remove, use the command sudo apt-key del <keyid>, where <keyid> is replaced with the actual keyid of the key you want to remove from your keyring.
$ sudo apt-key del B455BEF0
$ apt-key list | grep clicompan
$
On 16.10 the short key id is no longer shown when you use the list command, but it is actually the last 8 characters of the long hex.
So for example the key id for the following key
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <[email protected]>
The key id will be EFE21092
I made a short script to make things easier and to use a string instead of the id.
You can use my script if the key contains a unique string you know.
E.g. in my case for webmin:
pub 1024D/11F63C51 2002-02-28
uid Jamie Cameron <[email protected]>
sub 1024g/1B24BE83 2002-02-28
I'm sure only the webmin key on my system has jcameron, then I use this script to remove the corresponding key.
I saved it as ~/removeAptKey and run it as
sudo ./removeAptKey jcameron
The output should be something like
KEYID: 11F63C51
OK
Here is my script:
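#!/bin/bash
# Remove the apt key whose `apt-key list` entry contains a unique string.

# Print all installed keys so a more specific search string can be chosen.
function printKeys(){
    echo "Installed keys are"
    echo ""
    sudo apt-key list
}

if [[ $EUID -ne 0 ]]; then
    echo "This script must be run as root" 1>&2
    exit 1
fi

if [[ $# -eq 0 ]]
then
    echo "No key name provided"
    exit 1
fi

UNIQUE=$1

# Keep the line matching the string and the line before it (the pub line).
sudo apt-key list | grep "${UNIQUE}" -B 1 > result.temp
LENGTH=$(wc -l < result.temp)

# More than 2 lines means the string matched more than one key.
if [[ ${LENGTH} -gt 2 ]]
then
    echo "Attention you found more than 1 key. Use a more specific string."
    printKeys
    rm result.temp
    exit 2
fi

if [[ ${LENGTH} -ne 2 ]]
then
    echo "Key not found. Doing nothing."
    printKeys
    rm result.temp
    exit 3
fi

# Take the 4th space-separated field of the pub line, then the part after "/".
KEYID=$(grep 'pub' result.temp | cut -d " " -f 4 | cut -d "/" -f 2)
echo "KEYID: ${KEYID}"
apt-key del "${KEYID}"
rm result.temp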
First I get the upper two lines of my key's block:
sudo apt-key list : lists the apt keys as usual
grep '${UNIQUE}' -B 1 : take only the line containing the unique key string jcameron and, with -B 1, the line before
> result.temp : save it in a file (which is later removed)
If this returns exactly 2 lines (-> got exactly 1 key) I move on:
grep 'pub' : now take only the line with the pub key id
cut -d " " -f 4 : take the 4th word of that line (the first is pub, then come two spaces, then the string we are after)
cut -d "/" -f 2 : take only the part after /
And finally delete this key and clean up:
apt-key del ${KEYID} (in my case 11F63C51)
rm result.temp : don't need this file anymore
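An added example (not part of any of the answers above) that combines the two approaches: it looks a key up by a unique string in its uid line, as the script does, but reads the newer listing layout, where the short key id is the last 8 characters of the fingerprint. The function names, the second sample key and the e-mail addresses are constructed for illustration.

```bash
#!/bin/bash
# Constructed sample listing in the 16.10+ layout; not real system output.
# The first fingerprint is the one quoted above, the rest is made up.
sample_listing() {
cat <<'EOF'
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
------------------------------------------------------
pub   rsa4096 2012-05-11 [SC]
      8439 38DF 228D 22F7 B374  2BC0 D94A A3F0 EFE2 1092
uid           [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <cdimage@example.invalid>

/etc/apt/trusted.gpg.d/example.gpg
----------------------------------
pub   rsa4096 2020-01-01 [SC]
      0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567
uid           [ unknown] Example Archive Signing Key <archive@example.invalid>
EOF
}

# Reads a key listing on stdin and prints the short key id of the single key
# whose uid contains the string $1.
# Exit status: 1 = no string given, 2 = more than one key matched, 3 = none.
short_keyid_for() {
    [ -n "$1" ] || return 1
    NEEDLE=$1 awk '
        { line = $0; gsub(/[ \t]/, "", line) }   # copy of the line without spaces
        /^pub/ { fpr = ""; next }                # a new key block starts
        # A fingerprint line is exactly 40 hex digits once the spaces are gone.
        length(line) == 40 && line ~ /^[0-9A-Fa-f]+$/ { fpr = toupper(line); next }
        # Count each key once, even if several of its uid lines match.
        /^uid/ && fpr != "" && index($0, ENVIRON["NEEDLE"]) {
            id = substr(fpr, 33); hits++; fpr = ""
        }
        END {
            if (hits > 1) exit 2   # ambiguous: refuse to pick one
            if (hits < 1) exit 3   # nothing matched
            print id
        }'
}

# Demo on the constructed sample. On a real system, pipe `apt-key list` into
# the function and pass the printed id to `sudo apt-key del`.
sample_listing | short_keyid_for "CD Image"   # prints EFE21092
```

Because the function refuses to print an id when the string matches zero or several keys, a typo in the search string cannot end up deleting the wrong key.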