[SOLVED] Deleting an SSH key pair?

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
Post Reply
Fuzzy
Level 3
Level 3
Posts: 158
Joined: Thu Jul 28, 2011 11:54 am

[SOLVED] Deleting an SSH key pair?

Post by Fuzzy » Wed Oct 24, 2018 11:52 pm

So,

I've used Linux for years now, but I have never jumped into the SSH thing...until now. I've setup an Arch machine to be my fileserver. Everything is working great, but I'd like to be able to manage the Arch system remotely (from my LMDE3 machine within the same network).

I setup SSH, and everything is working great. HOWEVER, in trying to get authentication to work without PasswordAuthentication, I've tried many things - still failed at that goal - and would like to delete the SSH keys and try again using a different SSH key type. (Some of my research has indicated the type of key I originally generated might have compatibility issues).

I'm finding all sorts of conflicting information about how to go about removing the existing key from the keyring, and would like to know how to do it (specifically) on LMDE3 if possible. I see that problems exist(ed) with straight Debian, where it wouldn't allow the removal of existing keys, but I wasn't sure if the same problems presented themselves with LMDE3.

Any help would be greatly appreciated.

Thanks,
Fuzzy
Last edited by Fuzzy on Thu Oct 25, 2018 11:35 pm, edited 1 time in total.

User avatar
catweazel
Level 17
Level 17
Posts: 7770
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

Re: Deleting an SSH key pair?

Post by catweazel » Thu Oct 25, 2018 12:56 am

Fuzzy wrote:
Wed Oct 24, 2018 11:52 pm
Any help would be greatly appreciated.
man ssh-add ought to tell you.
¡uʍop ǝpısdn sı buıɥʇʎɹǝʌǝ os ɐıןɐɹʇsnɐ ɯoɹɟ ɯ,ı

Fuzzy
Level 3
Level 3
Posts: 158
Joined: Thu Jul 28, 2011 11:54 am

Re: Deleting an SSH key pair?

Post by Fuzzy » Thu Oct 25, 2018 1:56 am

catweazel....

Arghhhh! I had my head so into finding the answer online (and reading through the subsequent arguments there), that I overlooked the man. Thanks for the direction. As soon as I find the solution, I'll post it and mark this as solved.

Thanks!
Fuzzy

Fuzzy
Level 3
Level 3
Posts: 158
Joined: Thu Jul 28, 2011 11:54 am

Re: Deleting an SSH key pair?

Post by Fuzzy » Thu Oct 25, 2018 2:16 am

So,

When I try

Code: Select all

ssh-add -D
(which I forgot to mention, I had tried earlier), I receive an "All identities removed" message. However, the identities have not been removed. One of the afforementioned websites had indicated that this is because the -D switch only applies to manually added keys.

So, I tried

Code: Select all

ssh-add -d
and received "Could not remove identity..."<path to key>"...communication with agent failed."

I'm not entirely sure where to go from there. EDIT: Actually, I'm not entirely certain how to check whether or not the keys still exist...I can still see their private and public files in the .ssh folder, so I assumed this meant they had not been cleared, but I'm starting to doubt that assumption is correct.

Thanks,
Fuzzy

User avatar
catweazel
Level 17
Level 17
Posts: 7770
Joined: Fri Oct 12, 2012 9:44 pm
Location: Australian Antarctic Territory

Re: Deleting an SSH key pair?

Post by catweazel » Thu Oct 25, 2018 2:45 am

Fuzzy wrote:
Thu Oct 25, 2018 2:16 am
I'm not entirely sure where to go from there.
https://stackoverflow.com/questions/254 ... -a-ssh-key

Possible culprit, a couple of explanations, and a workaround.

Cheers.
¡uʍop ǝpısdn sı buıɥʇʎɹǝʌǝ os ɐıןɐɹʇsnɐ ɯoɹɟ ɯ,ı

Fuzzy
Level 3
Level 3
Posts: 158
Joined: Thu Jul 28, 2011 11:54 am

Re: Deleting an SSH key pair?

Post by Fuzzy » Thu Oct 25, 2018 10:53 am

Thanks, Catweazel. The link you provided was one of the sites I had visited which mentioned the problem/bug. However, I was uncertain of the explanations in the "workaround" section, or what the implications would be. My preference is the first workaround mentioned.

I'm curious about the

Code: Select all

~/.ssh/known_hosts
file though - will it be cleaned of the old key when I move the pub/private keys into the backup folder? The site doesn't explicitely explain what to do with the known_hosts file in the workaround. Would it be a terrible thing to move the known_hosts into the backup folder too?

Thanks again for your guidance with this.

Fuzzy

Fuzzy
Level 3
Level 3
Posts: 158
Joined: Thu Jul 28, 2011 11:54 am

Re: Deleting an SSH key pair?

Post by Fuzzy » Thu Oct 25, 2018 12:35 pm

I wasn't able to find a clear answer to my question about known_hosts online, so I just experimented by backing up known_hosts, then opening it up and deleting the two entries which appeared to be the auto-generated keys.

I then created a new set of public/private keys. Everything appears to be working fine again, but I'd be interested if anyone has suggestions on how to make sure my keyring is clean and in good shape. (This is all new to me.)

In the off-chance there's anyone else out there who could benefit from my mistakes, here's a synopsis:

1. I had set out to establish an SSH implementation using key-only authentication (no passwords).
2. I had originally chose to use key type ed25519.
3. Even after having completed the necessary steps for key-only authentication, it would continue to ask me for the key file's passphrase when I connected. Online research led me to believe this was due to an issue between ed25519, and the gnome keyring implementation...that if I changed to some other key type, the issue would be remedied. (Side note: whether this understanding is correct or not - changing my key type did fix my issue)
4. I wanted to "start clean" by removing the existing ed25519 key, before creating another key
5. I tried a few steps found online (like key-add -D) and didn't make any headway
6. Opened this thread.

My thanks to catweazel for his help on this issue - I'll leave the thread open for a couple days in case anyone offers an answer to my keyring maintenance questions, and then I'll mark it as solved.

Post Reply

Return to “Newbie Questions”