Revoke PGP key

Follow this tutorial if you want to revoke a pgp key. All you need for this is your private key and eventually the pass phrase to open it.

At first you need to install pgp on your machine. I have installed GnuPG.

Change to the install dir or add to PATH.

Next import your private key:

check if it was successfully imported an note the id for the next step:

In my case:  9FD0EF83

Now we will generate a revocation certificate – you can add additional information why you want to revoke this key:

You will find the created certificate at:

Now that we have the certificate we have to import it. (A revocation certificate is mostly generated while the creation process of a new private key and thereby not imported automatically while generating a revocation certificate)

After this command your key is actually revoked.

But nobody knows about this.. So we tell at least one keyserver that our key is obsolete:

I choosed pgp.mit.edu. So I will test if everything is fine by searching for the id: no result.

When searching for my email address I see the key with a mark: “*** KEY REVOKED ***”

So we are done! Since the keyserver sync each other just wait some days/weeks and everyone should know about the revocation.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.