Periodically, I end up with my SSH agent tracking an absurd number of keys, many of them no longer relevant, and wish to remove them. In my experience, ssh-add -d /path/to/keyfile rarely works. Today, with a bit of help from Erik, I figured out why I get annoying stuff like this:
$ ssh-add -d /Users/matthew.wagner/.ssh/cpanel-east.pem
Bad key file /Users/matthew.wagner/.ssh/cpanel-east.pem: No such file or directory
That key file exists, is loaded in ssh-agent, and has the correct permissions. The issue is that -d expects a public key, even though ssh-add -l doesn’t list those.
If you have a .pub version of the key, ssh-add -d will automatically find it and remove it. In some cases, I don’t have the public key, such as keys downloaded from AWS. The good news is, it’s easy to generate them:
$ ssh-keygen -y -f ~/.ssh/cpanel-east.pem > ~/.ssh/cpanel-east.pem.pub
$
Removal is then a breeze:
$ ssh-add -d /Users/matthew.wagner/.ssh/cpanel-east.pem
Identity removed: /Users/matthew.wagner/.ssh/cpanel-east.pem (/Users/matthew.wagner/.ssh/cpanel-east.pem.pub)
tl;dr – If ssh-add -d says it can’t remove a key that plainly exists, you need to generate a public key for it.
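The two steps above combined into one helper, as an added example that is not part of the original post. The function names ensure_pub and agent_remove_key are hypothetical; it assumes OpenSSH's ssh-keygen and ssh-add and a running agent, and it also covers two edge cases: a failed ssh-keygen -y leaving an empty .pub file, and a key that is not actually loaded.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Make sure KEY.pub exists, deriving it from the private key if needed.
# Prints the .pub path. Returns 2 if KEY is missing, 1 if derivation fails.
ensure_pub() {
    key=$1
    pub="$key.pub"
    [ -f "$key" ] || { echo "no such private key: $key" >&2; return 2; }
    if [ ! -s "$pub" ]; then
        # Write to a temp file first: a failed "ssh-keygen -y > key.pub"
        # (wrong passphrase, bad permissions) would leave an empty .pub behind.
        if ssh-keygen -y -f "$key" > "$pub.tmp"; then
            mv "$pub.tmp" "$pub"
        else
            rm -f "$pub.tmp"
            return 1
        fi
    fi
    printf '%s\n' "$pub"
}

# Remove KEY from the agent. Returns 3 if the agent does not hold it.
agent_remove_key() {
    pub=$(ensure_pub "$1") || return $?
    fp=$(ssh-keygen -lf "$pub" | awk '{print $2}')
    [ -n "$fp" ] || return 1
    # Compare fingerprints (second column of both listings).
    if ! ssh-add -l 2>/dev/null | awk '{print $2}' | grep -qxF "$fp"; then
        echo "not loaded in agent: $1 ($fp)" >&2
        return 3
    fi
    # Pass the public key file itself, which is what -d actually reads.
    ssh-add -d "$pub"
}
```

Source the file and call it with the private key path, for example agent_remove_key ~/.ssh/cpanel-east.pem.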
Awesome! It worked for me! Thanks!
awesome, I couldn’t work out why I couldn’t remove a key file!
+1
This is great!!
Thanks a tonne!