×


Delete Repository And GPG Key On Ubuntu Systems

Are you trying to delete Repository And GPG Key In Ubuntu? 

This guide will help you.


The GPG key (means: Gnu Privacy Guard, aka GnuPG) is a free software which provides cryptographic privacy and authentication.

It allow users to communicate securely using public-key cryptography.

Ubuntu has four official repositories namely Main, Universe, Restricted, and Multiverse. A repository (repo) is a central place where the developers keep the software packages.

Using the repository keys, we can ensure that we are getting the packages from the right person. However, sometimes we would like to delete a repository along with its GPG key when it’s no longer necessary in our ubuntu systems.

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to handle Ubuntu servers.

In this context, we shall look into how to easily delete the repository and GPG key in Ubuntu.


Steps to delete repository and GPG key in Ubuntu:

Here, you will learn how to delete the repository and key on Ubuntu System.

1. How to Delete a repository on Ubuntu ?

When we add a repository using 'add-apt-repository' command, it will be stored in /etc/apt/sources.list file.

To delete a software repository from Ubuntu and its derivatives we do the following:

i. First, open the /etc/apt/sources.list file and look for the repository entry.

We can do this using the following command:

$ sudo nano /etc/apt/sources.list

And simply remove the entry to delete the repository.

After that, we can save and close the file.

ii. However, if we have added PPA repositories, we must look into /etc/apt/sources.list.d/ directory and delete the respective entry.

Alternatively, we can delete the repository using 'add-apt-repository' command.

For example, we can delete the Systemback repository using the following command:

$ sudo add-apt-repository -r ppa:nemh/systemback

iii. Finally, update the software sources list using the following command:

$ sudo apt update


2 How to List Repository keys on Ubuntu System?

'apt-key' is used to manage the list of keys used by 'apt' to authenticate packages.

Below are the paths where trusted keys are found:

/etc/apt/trusted.gpg – Keyring of local trusted keys; new keys will be added here.

/etc/apt/trusted.gpg.d/ – File fragments for the trusted keys; additional keyrings can be stored here.

We can use the following command to list trusted keys with fingerprints:

$ sudo apt-key list
/etc/apt/trusted.gpg
--------------------
pub rsa4096 2017-12-15 [SCEA]
0A0F AB86 0D48 5603 32EF B581 B754 42BB DE9E 3B09
uid [ unknown] https://packagecloud.io/AtomEditor/atom (https://packagecloud.io/docs#gpg_signing) support@packagecloud.io
sub rsa4096 2017-12-15 [SEA]
pub rsa4096 2016-04-22 [SC]
B9F8 D658 297A F3EF C18D 5CDF A2F6 83C5 2980 AECF
uid [ unknown] Oracle Corporation (VirtualBox archive signing key) info@virtualbox.org
sub rsa4096 2016-04-22 [E]
pub dsa1024 2007-03-08 [SC]
4CCA 1EAF 950C EE4A B839 76DC A040 830F 7FAC 5991
uid [ unknown] Google, Inc. Linux Package Signing Key linux-packages-keymaster@google.com
sub elg2048 2007-03-08 [E]
pub rsa4096 2016-04-12 [SC]
EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796
uid [ unknown] Google Inc. (Linux Packages Signing Authority) linux-packages-keymaster@google.com
sub rsa4096 2019-07-22 [S] [expires: 2022-07-21]
/etc/apt/trusted.gpg.d/numix_ubuntu_ppa.gpg
-------------------------------------------
pub rsa1024 2013-08-13 [SC]
43E0 7612 1739 DEE5 FB96 BBED 52B7 0972 0F16 4EEB
uid [ unknown] Launchpad PPA for Numix Maintainers
/etc/apt/trusted.gpg.d/snwh_ubuntu_ppa.gpg
------------------------------------------
pub rsa1024 2012-06-27 [SC]
D320 D0C3 0B02 E64C 5B2B B274 3766 2239 8999 3A70
uid [ unknown] Launchpad PPA for Sam Hewitt
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
uid [ unknown] Ubuntu Archive Automatic Signing Key (2012) ftpmaster@ubuntu.com
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) cdimage@ubuntu.com
/etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
------------------------------------------------------
pub rsa4096 2018-09-17 [SC]
F6EC B376 2474 EDA9 D21B 7022 8719 20D1 991B C93C
uid [ unknown] Ubuntu Archive Automatic Signing Key (2018) ftpmaster@ubuntu.com


3. How to Delete repository keys on Ubuntu ?

We use "apt-key" command to add the repository keys.


i. First, we will list the added keys using the following command:

$ sudo apt-key list

This command will list all added repository keys.

/etc/apt/trusted.gpg
--------------------
pub rsa1024 2010-10-31 [SC]
3820 03C2 C8B7 B4AB 813E 915B 14E4 9429 73C6 2A1B
uid [ unknown] Launchpad PPA for Kendek
pub rsa4096 2016-04-22 [SC]
B9F8 D658 297A F3EF C18D 5CDF A2F6 83C5 2980 AECF
uid [ unknown] Oracle Corporation (VirtualBox archive signing key) <info@virtualbox.org>
sub rsa4096 2016-04-22 [E]
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
uid [ unknown] Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>
/etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
------------------------------------------------------
pub rsa4096 2018-09-17 [SC]
F6EC B376 2474 EDA9 D21B 7022 8719 20D1 991B C93C
uid [ unknown] Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>

From the above output, the long (40 characters) hex value is the repository key.


ii. If we want the APT package manager to stop trusting the key we can delete it using the following command:

$ sudo apt-key del "3820 03C2 C8B7 B4AB 813E 915B 14E4 9429 73C6 2A1B"

Or, we can alternatively specify the last 8 characters:

$ sudo apt-key del 73C62A1B

iii. Finally, we can run the following command to update the repository lists:

$ sudo apt update


[Need urgent Assistance with installing missing packages on Ubuntu Systems? We are happy to help you! ]


Conclusion

This article covers steps to delete the repository and GPG Key On Ubuntu. All packages are signed with a pair of keys consisting of a private key and a public key, by the package maintainer.

A user's private key is kept secret and the public key may be given to anyone the user wants to communicate.

Whenever you add a new repository to your system, you must also add a repository key so that the APT Package Manager trusts the newly added repository.

Once you've added the repository keys, you can make sure you get the packages from the correct source.


To remove Repository keys:

You can remove the repository key if it is no longer needed or if the repository has already been removed from the system.

It can be deleted by entering the full key with quotes as follows (which has a hex value of 40 characters):

$ sudo apt-key del "D320 D0C3 0B02 E64C 5B2B B274 3766 2239 8999 3A70"
OK

Alternatively, you can delete a key by entering only the last 8 characters:

$ sudo apt-key del 89993A70
OK

Once you have removed the repository key, run the apt command to refresh the repository index:

$ sudo apt update

You can verify that the above GPG key has been removed by running the following command:

$ sudo apt-key list