Removing Keys

In Detecting Unauthorized Keys, we detected a manually-added authorized key. In a real-life scenario, such keys may have been added to the host without approval, and may need to be deleted.

To disable an authorization, it is sufficient to remove its authorized-key component. To remove an authorized key using Key Manager, first navigate to the User keys→Authorized keys page, then perform a Remove action on the target key.

Key Manager starts a remove-authorization job. While the job is running, the target key is marked with a clock icon .

note

When an action is scheduled or being performed on a key, no other actions may be performed for it until the pending operation is finished.

Deleting a key changes its status. You may need to remove or adjust your filters to see the key entry after removal.

Refresh the Authorized keys page periodically to check its status (in a small test environment, the job should only take a few seconds). After the pending job finishes, the clock icon is replaced with a icon, indicating that the key has been removed successfully.

images/Universal_SSH_Key_Manager_-_Administrator_Manual_page-46.png

Finally, you may verify that the authorized key was removed (you should be prompted for a password when attempting SSH login):

$ ssh charlie@bilberry.example.com

Exit back to the source user if needed:

$ exit