5 Easy Steps to Remove an SSH Key Safely and Efficiently

You’re working on an important project, and you’ve been carefully managing your SSH keys to ensure secure access. Suddenly, you realize that one of the keys is no longer needed, or perhaps it has been compromised. What do you do now? Don’t panic. Deleting an SSH key can be a simple process if you know the right steps to take. In this article, we will guide you through the process of deleting an SSH key, ensuring that your connections are secure and up-to-date.

Why Delete an SSH Key?

Before diving into the actual deletion process, let’s discuss the reasons why you might want to delete an SSH key. Typically, it could be due to one of the following reasons:

– The key has been compromised
– You no longer require access to the host associated with the key
– A team member has left the organization, and their key needs to be removed
– You’ve decided to replace the existing key with a new one for improved security

Whatever the reason might be, it’s crucial to keep your SSH keys up-to-date and secure to maintain the integrity of your infrastructure.

Locating the SSH Key

First, you need to locate the necessary SSH key you wish to delete. SSH keys are stored in the `~/.ssh` directory, and they usually come in pairs – a private key with the `.pem` or `.key` extension and a public key with the `.pub` extension. The private key should be kept secret, while the public key can be shared with others.

Now, let’s assume you want to delete an SSH key pair named `my_key`. You can find this pair within the `~/.ssh` directory with these two files: `my_key.pem` (private key), and `my_key.pub` (public key).

Deleting the Private Key

To delete the private key, simply use the command below, replacing `my_key.pem` with the name of your private key file:

rm ~/.ssh/my_key.pem

This command will remove the private key, and in doing so, you will no longer be able to access any hosts using this key.

Please keep in mind: Deleting a private key cannot be undone. Ensure that it is the correct key and that it is no longer needed before proceeding with deletion.

Deleting the Public Key

The process of deleting a public key varies depending on the setup. If the key was added to your local SSH agent, you’d need to remove it from there. If the key was added directly to the remote host, you’ll have to delete it from the authorized keys file on the host.

# Removing the Public Key from Your Local SSH Agent

If you have added the key to your local SSH agent, you can remove it using the `ssh-add` command with the `-d` flag. Here’s the command you would use, replacing `my_key.pub` with your public key file:

ssh-add -d ~/.ssh/my_key.pub

This command will delete the specified public key from your SSH agent, ensuring that it does not get accidentally used for future connections.

# Removing the Public Key from the Remote Host’s Authorized Keys File

If you’ve added the public key to the remote host’s authorized keys file, you’ll need to remove it from there. By default, the authorized keys file is located at `~/.ssh/authorized_keys` on the remote host.

To find and delete the specific public key, use the following command, replacing `my_key.pub` with your public key file:

ssh user@remote-host “grep -v -F $(cat ~/.ssh/my_key.pub) ~/.ssh/authorized_keys > ~/.ssh/temp && mv ~/.ssh/temp ~/.ssh/authorized_keys”

This command will first find the public key within the authorized keys file, then create a temporary file without that key, and finally replace the original authorized keys file with the new one.

Validating Key Deletion

After deleting the SSH key, you might want to ensure that it has been removed successfully. To check if the key is still present in your local SSH agent, use the following command:

ssh-add -l

If the key is not listed in the output, it has been successfully removed from your SSH agent. To verify the key’s removal from the remote host, attempt to connect to the host using the deleted key. If the connection fails as expected, it confirms that the key has been removed.


In this article, we’ve provided a comprehensive guide on how to delete an SSH key, ensuring secure and up-to-date connections. By following these steps, you can maintain the integrity of your infrastructure and keep your systems safe from potential breaches. Always remember to validate your actions, and with practice, key management will become second nature in your daily workflow.

GitHub SSH key is Leaked – How bad is this?

YouTube video

SSH To Windows Using Public Key

YouTube video

SSH Key Authentication | How to Create SSH Key Pairs

YouTube video

Is it secure to remove SSH keys?

It is generally secure to remove SSH keys if you no longer need them or if you suspect that they have been compromised. Removing an SSH key can help you maintain the security of your system by limiting the number of access points into your server.

When you remove an SSH key, you are essentially revoking access for the associated user or service that was using the key for authentication. As a result, this can help protect your system from unauthorized access, especially if the key has been leaked or exposed in any way.

However, it’s important to keep in mind that removing an SSH key does not automatically secure your system if there are other security vulnerabilities present. Be sure to follow best practices for overall system security and configure your server properly to minimize potential risks.

In summary, removing an SSH key can be a secure action to take when it is no longer needed or has been compromised; however, it should be accompanied by additional security measures to maintain the safety of your system.

How can I remove SSH keys from Windows?

To remove SSH keys from Windows, follow these steps:

Step 1: Open File Explorer and navigate to the following directory:


This folder usually contains your public (id_rsa.pub) and private (id_rsa) SSH key files. To see the hidden “.ssh” folder, ensure the “Hidden items” checkbox is enabled in the “View” tab.

Step 2: Select the specific SSH key files you want to remove. The most common types of key files include:

- id_rsa (private key)
- id_rsa.pub (public key)
- known_hosts (a list of known SSH hosts)

Step 3: Right-click on the selected files and click “Delete” to remove them. Alternatively, press the “Delete” key on your keyboard.

Note: Removing the keys will prevent you from using those specific keys to connect to remote servers via SSH. Make sure you have a backup or another way to access your servers before you delete the keys.

How can I remove SSH keys from my Mac?

To remove SSH keys from your Mac, follow these steps:

1. Open the Terminal application: You can find it in the Applications > Utilities folder or by searching for it using Spotlight.

2. Navigate to the SSH folder: The SSH keys are stored in a hidden folder in your user directory called `.ssh`. To access this folder, type the following command and press Enter:

cd ~/.ssh
If you receive an error message stating that the folder does not exist, it might be because you have not created any SSH keys yet.

3. List the SSH keys: To view all the available SSH keys, execute the following command:

ls -la
This will display a list of files, including your public (`.pub`) and private keys. The default key names usually look like `id_rsa` (private key) and `id_rsa.pub` (public key).

4. Delete the desired SSH key: To remove a specific SSH key pair, use the `rm` command followed by the key names. For example, to delete the default keys, run:

rm id_rsa id_rsa.pub
Replace `id_rsa` and `id_rsa.pub` with the appropriate key names if they are different. This will permanently delete both the private and public keys.

5. Verify the deletion: Run the `ls -la` command again to ensure that the keys have been removed successfully.

Always exercise caution when deleting SSH keys, as losing access to a private key may prevent you from connecting to remote systems. Consider backing up your keys or moving them to a safe location before taking any action.

How can one delete an SSH key from a Git repository?

To delete an SSH key from a Git repository, follow these steps:

1. Access your Git account: Sign in to your Git platform, such as GitHub, GitLab, or Bitbucket.

2. Navigate to your settings: In your account, locate the settings menu, which typically appears as a gear icon.

3. Locate SSH keys or SSH and GPG keys section: In the settings menu, find the section pertaining to SSH keys or SSH and GPG keys.

4. Identify the key to be deleted: Within this section, you will see a list of your added SSH keys. Look for the specific key you want to remove and take note of the associated title or description.

5. Delete the SSH key: Click the “Delete” button or trash icon next to the targeted key. Confirm the deletion if prompted.

Remember that by deleting an SSH key, you will lose access to any repositories or services that require it for authentication. Be sure to obtain a new SSH key and update your repositories’ access settings accordingly if necessary.

How can you permanently delete an SSH key from a server using command line methods?

To permanently delete an SSH key from a server using command line methods, follow these steps:

1. First, log in to the server using your SSH credentials.

2. Go to the user’s home directory, where the SSH keys are stored. In most cases, this is located in the ~/.ssh directory. Use the following command to navigate to the directory:

cd ~/.ssh

3. List all the keys stored in that directory using the ls command:


4. Identify the key you want to delete. Typically, the public key has a file name ending with .pub.

5. To permanently delete the identified key, use the rm command followed by the file name. For example, if the key to be deleted is named id_rsa.pub, use the following command:

rm id_rsa.pub

6. If you also want to delete the private key associated with the public key, use the same command without the .pub extension. For example:

rm id_rsa

7. If the key was added to the authorized_keys file, open the file using a text editor (e.g., nano or vi) and remove the corresponding entry:

nano authorized_keys

Locate the relevant key, delete it, and save the file.

By following these steps, you can permanently delete an SSH key from a server using command line methods.

What is the process to remove an SSH key from the authorized_keys file on a specific user account?

To remove an SSH key from the authorized_keys file on a specific user account, follow the steps below:

1. Log in to the user account on the server where you want to remove the SSH key.

2. Navigate to the user’s home directory by typing:
cd ~

3. Now, go to the .ssh directory where the authorized_keys file is located:
cd .ssh

4. Open the authorized_keys file using your preferred text editor, such as nano, vi, or vim. For example:
nano authorized_keys

5. In the authorized_keys file, locate the SSH key you want to remove. The SSH keys are usually organized in separate lines, and each line represents a unique key.

6. Delete the specific line containing the SSH key you want to remove. Be careful not to modify or delete any other lines.

7. Save the changes and close the authorized_keys file.

8. To ensure the security of your server, set the correct file permissions for the authorized_keys file, if needed, by executing:
chmod 600 authorized_keys

9. Finally, test your connection to make sure that the SSH key has been successfully removed. You should no longer be able to access the server using the removed key.

By following these steps, you have successfully removed an SSH key from the authorized_keys file on a specific user account.

How do you disable or delete a specific SSH key for a user in a Git repository?

To disable or delete a specific SSH key for a user in a Git repository, follow these steps:

1. Log in to the Git repository hosting platform (e.g., GitHub, GitLab, Bitbucket) using your account.

2. Navigate to the Settings or Profile Settings page of your account.

3. Find and click on the SSH and GPG keys section.

4. Locate the SSH key you want to delete or disable. You can identify it by the key’s title or the unique fingerprint.

5. Click on the Delete or Remove button next to the SSH key.

6. You may be prompted to confirm your action. Click on the appropriate confirmation button (e.g., “Yes, remove it” or “Delete”).

By following these instructions, you will disable or delete the specific SSH key for your user account in the Git repository hosting platform. Keep in mind that this will revoke access for any systems using this key, so ensure you update those systems with a new key if necessary.

What are the security implications when deleting a previously used SSH key from a cloud service like AWS or Google Cloud?

When deleting a previously used SSH key from a cloud service like AWS or Google Cloud, there are several security implications to consider:

1. Loss of access: If you delete an SSH key without deploying an alternative in place, you may lose access to your instances or server. This can lead to a lot of wasted time and resources trying to regain access.

2. Audit trail: Deleting an SSH key may disrupt the audit trail, making it difficult to track historical activities on the server. This can impact your ability to identify and investigate security breaches or unauthorized access.

3. Key management: When you delete an SSH key, you need to make sure that all instances of the key are removed from your infrastructure. Failing to do so can leave your server exposed to potential security risks if the deleted key is still in use somewhere within your infrastructure.

4. Rotating keys: Deleting an SSH key should be part of a regular key rotation process where new keys are generated, deployed, and old keys are removed. This helps to reduce the risk of a compromised key being used to gain unauthorized access.

5. Effect on authorized users: If other authorized users still need access to the system, they will require new SSH keys to be generated and deployed. Make sure to communicate the changes to ensure a smooth transition.

6. Effect on automated processes: If you have automated processes that rely on the deleted SSH key, you will need to update those processes to use the new key. Failing to do so can cause disruptions in your automated workflows.

In conclusion, when deleting a previously used SSH key from a cloud service, take care to manage the security implications by implementing proper key rotations, ensuring consistent access for authorized users, and maintaining a robust audit trail. Always remember to use strong and unique keys to protect your infrastructure.

Can you revoke an SSH key without deleting it, and if so, how do you accomplish this?

Yes, you can revoke an SSH key without deleting it. To accomplish this, you will need to update the “authorized_keys” file on the remote server where the SSH key is being used for authentication.

Follow these steps to revoke an SSH key:

1. Log in to the remote server using another valid SSH key or another authentication method, such as a password.

2. Navigate to the SSH directory for the user whose key you want to revoke. Usually, this is located at “~/.ssh/” directory.

3. Open the “authorized_keys” file using your preferred text editor. This file contains a list of public keys, one per line, that are authorized to access the server.

4. Locate the key you wish to revoke in the “authorized_keys” file. It should match the public key portion of the key pair you wish to revoke.

5. Comment out the key by adding a “#” symbol at the beginning of the line containing the key. This will prevent the SSH server from recognizing the key, effectively revoking it.

6. Save and close the “authorized_keys” file.

By following these steps, you have revoked the SSH key without deleting it. The key will no longer be authorized to access the server, but the corresponding line in the “authorized_keys” file can be easily uncommented if you want to restore access in the future.