How can I remove gpg key that I added using apt-key add -?

1

I made a short script to make things easier and using a string instead of the id.

You can use my script if the key contains a unique string you know.
e.g. in my case for webmin

pub 1024D/11F63C51 2002-02-28 uid Jamie Cameron sub 1024g/1B24BE83 2002-02-28

I'm sure only the webmin key on my system has jcameron than I use this script to remove the according key.

I saved it as ~/removeAptKey

and run it as

sudo ./removeAptKey jcameron

The ouput should be something like

KEYID: 11F63C51 OK

Here is my script:

#!/bin/bash if [[ $EUID -ne 0 ]]; then echo "This script must be run as root" 1>&2 exit 1 fi if [[ $# == 0 ]] then echo "No key name provided" exit 1 fi UNIQUE=$1 sudo apt-key list | grep "${UNIQUE}" -B 1 > result.temp LENGTH=$(cat result.temp | wc -l) if [[ ${LENGTH} -gt 2 ]] then echo "Attention you found more than 1 key. Use a more specific string." exit 2 fi if [[ ${LENGTH} != 2 ]] then echo "Key not found....
0 0
2

apt-key add adds a key to /etc/apt/trusted.gpg by default.

These keys are from Ubuntu repositories:

pub 1024D/437D05B5 2004-09-12 uid Ubuntu Archive Automatic Signing Key sub 2048g/79164387 2004-09-12 pub 1024D/FBB75451 2004-12-30 uid Ubuntu CD Image Automatic Signing Key pub 4096R/C0B21F32 2012-05-11 uid Ubuntu Archive Automatic Signing Key (2012) pub 4096R/EFE21092 2012-05-11 uid Ubuntu CD Image Automatic Signing Key (2012)

Then you're left only with:

pub 1024D/D50582E6 2009-02-01 uid Kohsuke Kawaguchi uid Kohsuke Kawaguchi uid [jpeg image of size 3704] sub 2048g/10AF40FE 2009-02-01

Remove it by running:

sudo apt-key del D50582E6

If you really want to make sure you're removing the right key, you could add the key again to a new keyring:

wget -q -O - https://jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key --keyring /tmp/test add -

Then list its contents:

sudo apt-key...
0 0
3

by

Raymond

Last Updated May 03, 2017 21:02 PM

I don't need the key in my server's keyring anymore. Is it possible to remove it? I added the key using this command:

curl http://repo.varnish-cache.org/debian/GPG-key.txt | apt-key add -

Thanks for helping

Answers 2

First you need to find the key id of the key you added. Do this by the command:

sudo apt-key list

It will list all the keys that you have, with each entry looking like this:

pub 1024R/B455BEF0 2010-07-29 uid Launchpad clicompanion-nightlies

Once you have figured out which key to remove, use the command sudo apt-key del where is replaced with the actual keyid of the key you want to remove from your keyring.

[email protected]:~$ sudo apt-key del B455BEF0 [sudo] password for nits: OK [email protected]:~$ apt-key list | grep clicompan [email protected]:~$

As you can see the key gets removed :)

Nitin Venkatesh
February 24, 2012 04:59...

0 0
4

If you've enjoyed this blog, please consider picking up a copy of my Ubuntu book, Instant Ubuntu. Thanks for visiting!

I know many of you use Launchpad’s “Personal Package Archive” for updated and beta packages. I have about a half-dozen configured on my machine to give me the latest and greatest of my favorite applications. The one problem with a PPA though is that the packages can’t be verified when downloaded because you don’t have the GPG imported into your Apt Keyring. The following command is a template that you can use to import whatever PPA based keys you have warnings on:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys

You can gather the in the output of:

sudo apt-get update

You should see the warnings, along with the key id at the bottom of the output.

For each GPG key that you get a warning on, run the command above, and you’ll stop seeing the warnings. You will have imported that team/project’s GPG key into your...

0 0
5

I've been packaging some proprietary software that runs on Raspbian into .deb files and hosting them in a private S3 bucket using a program called deb-s3. I also use a program called apt-transport-s3 which allows the individual devices to download the packages that I've published. But when I run sudo apt-get update I see the following warning:

W: GPG error: s3://bucket.s3.amazonaws.com stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY my-key-id

I could install the GPG manually but I'd rather host it, so that I can just run sudo apt-key add and import it using the ID. Ideally, I'd love to just host that on S3 as well. The trouble is I have never set up a keyserver before so I don't know what sorts of files I'd need or what format they'd need to be in.

If I were to have a barebones keyserver with my GPG key in it, what would the file structure look like? And do you think I could replicate that on S3...

0 0
6

Provided by:

apt_1.4_amd64

NAME

apt-key - APT key management utility

SYNOPSIS

apt-key [--keyring filename] {add filename | del keyid | export keyid | exportall | list | finger | adv | update | net-update | {-v | --version} | {-h | --help}}

DESCRIPTION

apt-key is used to manage the list of keys used by apt to authenticate packages. Packages which have been authenticated using these keys will be considered trusted. Note that if usage of apt-key is desired the additional installation of the GNU Privacy Guard suite (packaged in gnupg) is required. For this reason alone the programmatic usage (especially in package maintainerscripts!) is strongly discouraged. Further more the output format of all commands is undefined and can and does change whenever the underlying commands change. apt-key will try to detect such usage and generates warnings on stderr in these cases.

SUPPORTED KEYRING...

0 0
7

I don't need the key in my server's keyring anymore. Is it possible to remove it? I added the key using this command:

curl http://repo.varnish-cache.org/debian/GPG-key.txt | apt-key add -

Thanks for helping

First you need to find the key id of the key you added. Do this by the command:

sudo apt-key list

It will list all the keys that you have, with each entry looking like this:

pub 1024R/B455BEF0 2010-07-29 uid Launchpad clicompanion-nightlies

Once you have figured out which key to remove, use the command sudo apt-key del where is replaced with the actual keyid of the key you want to remove from your keyring.

[email protected]:~$ sudo apt-key del B455BEF0 [sudo] password for nits: OK [email protected]:~$ apt-key list | grep clicompan [email protected]:~$

As you can see the key gets removed :)

On 16.10 the short key id is no longer shown when you use the list command, but it is actually the last 8 characters of the long...

0 0
8

Hello, I have troubles following the wiki page

Using APT Repository

.

Here are the steps I took so far:
* updated /etc/apt/sources.list file with actual repository address
deb http://packages.netxms.org/debian/ wheezy main

* initialized GnuPG (if I didnt do this - key would not install and apt-get update would throw key errors)
gpg --list-keys
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg --list-keys - this time no response, suppose that means OK

* download and install key
wget -q -O - http://packages.netxms.org/netxms.gpg | apt-key add -
even tried to just wget http://packages.netxms.org/netxms.gpg and apt-key add netxms.gpg

The problems are these:

1) gpg...

0 0
9

If you are a user of a Linux distribution that takes advantage of Launchpad's Personal Package Archive, then you know how easy that tool can be for adding those hard to find applications pre-packaged for your system. Once you get used to PPAs, it's fairly easy to depend upon those repositories. But there is sometimes a, seemingly, insurmountable issue with those PPAs - keys. If the key for a particular PPA isn't given to you, you can't use the software -- not until the key is added to your keyring.

But how do you add the key when you never received it? Believe it or not, there is a simple solution for that task.

I'm going to assume you have the PPA added to to your /etc/apt/sources.list file (or added them with the command sudo add-apt-repository ppa:chromium-daily.). After the PPA has been added, the next step before the installation of the software, is to run the command sudo apt-get update. If the key hasn't been added an error will be displayed indicated the key...

0 0
10
...
0 0
11
Kodi (XBMC) Installation & Configuration Overview

This guide will attempt to briefly provide anyone interested in creating a media center capable of delivering virtually any media available online, free or paid, as well as playing any media collection you already have. Kodi is the framework for configuring the best custom media center anyone could hope to, and it is Open Source, constantly upgraded / developed by an active community, and per the nature of open source, will always be free. All of its updates will also, always be free. Don't let that fool you! Kodi is better than the paid media centers I have experienced, and well worth the time and effort it takes to set it up. While it can access any paid media service you have, paying for media is not necessary, as it will access virtually anything you could ever want for free, and on demand, as well. This guide will attempt to cover the Windows installation in the USA (English Speaking)...

0 0