90

I added a key like this:

wget -q -O - https://jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list'

Now I want to remove this key. How can I do that? I don't know where it got added and how does it look like.

When I do sudo apt-key list it prints out few things on the console. Not sure which one is related to what I did above?

david@machine:~$ sudo apt-key list
/etc/apt/trusted.gpg
--------------------
pub   1024D/437D05B5 2004-09-12
uid                  Ubuntu Archive Automatic Signing Key <master@ubuntu.com>
sub   2048g/79164387 2004-09-12

pub   1024D/FBB75451 2004-12-30
uid                  Ubuntu CD Image Automatic Signing Key <image@ubuntu.com>

pub   4096R/C0B21F32 2012-05-11
uid                  Ubuntu Archive Automatic Signing Key (2012) <master@ubuntu.com>

pub   4096R/EFE21092 2012-05-11
uid                  Ubuntu CD Image Automatic Signing Key (2012) <image@ubuntu.com>

pub   1024D/D50582E6 2009-02-01
uid                  Kohsuke Kawaguchi <kkiu@kyterty.org>
uid                  Kohsuke Kawaguchi <kyterty.iuytre@sun.com>
uid                  [jpeg image of size 3704]
sub   2048g/10AF40FE 2009-02-01

/etc/apt/trusted.gpg.d//pubring.gpg
-----------------------------------
pub   2048R/06634014 2013-01-26
uid                  OSP Team <IET-OSP-IUY@host.com>
sub   2048R/732F28E7 2013-01-26
David Foerster
  • 36,264
  • 56
  • 94
  • 147
arsenal
  • 1,993

3 Answers3

105

apt-key add adds a key to /etc/apt/trusted.gpg by default.

These keys are from Ubuntu repositories:

pub   1024D/437D05B5 2004-09-12
uid                  Ubuntu Archive Automatic Signing Key <master@ubuntu.com>
sub   2048g/79164387 2004-09-12

pub   1024D/FBB75451 2004-12-30
uid                  Ubuntu CD Image Automatic Signing Key <image@ubuntu.com>

pub   4096R/C0B21F32 2012-05-11
uid                  Ubuntu Archive Automatic Signing Key (2012) <master@ubuntu.com>

pub   4096R/EFE21092 2012-05-11
uid                  Ubuntu CD Image Automatic Signing Key (2012) <image@ubuntu.com>

Then you're left only with:

pub   1024D/D50582E6 2009-02-01
uid                  Kohsuke Kawaguchi <kkiu@kyterty.org>
uid                  Kohsuke Kawaguchi <kyterty.iuytre@sun.com>
uid                  [jpeg image of size 3704]
sub   2048g/10AF40FE 2009-02-01

Remove it by running:

sudo apt-key del D50582E6

If you really want to make sure you're removing the right key, you could add the key again to a new keyring:

wget -q -O - https://jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key --keyring /tmp/test add -

Then list its contents:

sudo apt-key --keyring /tmp/test list

Then you'll see the key you want to remove.

Eric Carvalho
  • 54,385
  • 84
    if you are wondering what is key, use last 8 letters together from the last two blocks out of ten blocks, like D38B4796 from EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796 – Midhun KM Jan 31 '19 at 07:20
  • 3
    and if you prefer to copy and paste spaces are allowed inside quotes sudo apt-key del 'D38B 4796' – lacostenycoder Mar 02 '22 at 14:39
  • sudo apt-key del "EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796" would also work. – philburns Aug 21 '23 at 15:25
  • On Ubuntu 23 you'll get this error: Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)). – Raleigh L. Oct 14 '23 at 21:52
11

You can also directly remove key using

$ sudo apt-key list | grep 'teejee'

You will get

/etc/apt/trusted.gpg.d/teejee2008-ppa.gpg

Then,

$ sudo rm /etc/apt/trusted.gpg.d/teejee2008-ppa.gpg

Just Test again with $ sudo apt-key list | grep 'teejee'

Akshay Vilas Patil
  • 381
10

Open the software center, go to "Edit" → "Software Sources ..." → "Other Software" and you see a "Remove" button.

UTF-8
  • 5,710
  • 10
  • 31
  • 67