
How to delete GPG keys no longer needed? [closed]

Tags:

gnupg

I'm trying to delete these gpg keys I no longer need. I keep getting "not found: Not found" regardless.

I tried:

gpg --list-secret-keys

There is no error but nothing shows up on the screen either. Help is much appreciated. Thanks!

2myCharlie asked Sep 03 '25 15:09


2 Answers

Try deleting it using the ID between pub and uid with the following command:

gpg --delete-secret-key 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

The one you have typed is not an id, it is the key type and bit size of that key.

Hope you got it!

nuclearzzet answered Sep 05 '25 14:09


Revoke before deleting

Revoking the key before deleting it is a good idea. After deleting the private key, revoking is not possible, unless you have a revoking certificate. That is generated automatically when creating a key pair in gpg versions from 2.1 onwards, in ~/.gnupg/openpgp-revocs.d, at least on Ubuntu.

1A. Revoke the key - by creating revocation certificate

For this, the passphrase of the key IS needed.

a) Create revocation certificate

gpg --output revoke-piotrs-keys.asc --gen-revoke [email protected]

b) Revoke the key, on local machine, by importing the revocation certificate, from the file created in a), into the keyring

gpg --import revoke-piotrs-keys.asc

OR

1B. Revoke the key - with existing revocation certificate .rev

For this, the passphrase of the key is NOT needed. Instead, the automatically generated revocation certificate IS needed.

a) Edit the file so it will work in the next step, by removing the colon at the beginning of the row where the key block starts:

## Get key ID
gpg --list-keys

nano ~/.gnupg/openpgp-revocs.d/7D2BAF1CF37B13E2069D6956105BD0E739499BDB.rev

## Before (colon):
:-----BEGIN PGP PUBLIC KEY BLOCK-----

## After (no colon):
-----BEGIN PGP PUBLIC KEY BLOCK-----

b) Revoke the key, on local machine, by importing the revocation certificate, from the file created when the key was created:

gpg --import ~/.gnupg/openpgp-revocs.d/7D2BAF1CF37B13E2069D6956105BD0E739499BDB.rev

2. Revoke the key - on remote key server

If the key never was on any key server, skip this step.

gpg --keyserver your-remote-keyserver.com --send-keys 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

3. Delete the key pair

a) Get the key ID

gpg --list-keys

b) Delete the secret key

gpg --delete-secret-key 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

c) Delete the public key

gpg --delete-key 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

4. Verify that the keys are gone (from local machine)

gpg --list-keys
gpg --list-secret-keys

5. Clean up

a) Remove the file created in 1. a)

rm revoke-piotrs-keys.asc

b) If gpg version 2.1 or newer was used to create the key, then remove the automatically created revocation file

rm ~/.gnupg/openpgp-revocs.d/7D2BAF1CF37B13E2069D6956105BD0E739499BDB.rev
Emil Carpenter answered Sep 05 '25 15:09
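Both answers depend on passing the full fingerprint rather than the key type, and on the key being revoked before it is deleted. As an added example that is not part of either answer, this sketch reads gpg's machine-readable `--with-colons` listing to get each primary key's fingerprint and revocation status. The function names are hypothetical, and the sample listing is constructed apart from the fingerprint reused from the answers.

```shell
#!/bin/sh
# Record layout per GnuPG doc/DETAILS: field 1 = record type,
# field 2 = validity ("r" means revoked), field 10 of "fpr" = fingerprint.

# Read a --with-colons listing on stdin; print "FINGERPRINT STATUS" for each
# primary key. Fingerprints that follow sub/ssb records are subkeys: skipped.
primary_keys() {
    awk -F: '
        $1 == "pub" || $1 == "sec" { want = 1; status = ($2 == "r") ? "revoked" : "active"; next }
        $1 == "sub" || $1 == "ssb" { want = 0; next }
        $1 == "fpr" && want        { print $10, status; want = 0 }
    '
}

# Succeed only if the fingerprint in $1 is a listed primary key that is
# already marked revoked, i.e. the revocation certificate has been imported.
is_revoked() {
    primary_keys | grep -qx "$1 revoked"
}

# Constructed sample listing (placeholder key IDs, dates and user IDs).
sample_listing() {
    cat <<'EOF'
pub:r:3072:1:105BD0E739499BDB:1693750000:::-:::sc::::::23::0:
fpr:::::::::7D2BAF1CF37B13E2069D6956105BD0E739499BDB:
uid:r::::1693750000::0000000000000000000000000000000000000000::Example User <user@example.invalid>::::::::::0:
sub:r:3072:1:AAAAAAAAAAAAAAAA:1693750000::::::e::::::23:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:
pub:u:3072:1:BBBBBBBBBBBBBBBB:1700000000:::u:::scESC::::::23::0:
fpr:::::::::BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB:
uid:u::::1700000000::1111111111111111111111111111111111111111::Other User <other@example.invalid>::::::::::0:
EOF
}

# Demo on the constructed listing; on a real keyring use:
#   gpg --list-keys --with-colons | primary_keys
sample_listing | primary_keys
```

On a real keyring, `gpg --list-keys --with-colons | is_revoked <fingerprint>` can gate the `--delete-secret-key` and `--delete-key` steps so an unrevoked key is not removed by accident.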


