How to delete a subkey on Linux in GnuPG?

14

3

I would like to delete an OpenPGP subkey of mine on Linux (L)Ubuntu 16.04 in GnuPG. It's a kind of "blank" useless key (see below key 33333333). I have not uploaded it to key servers, so I think it's ok to delete without revoking it.

gpg2 --edit-key me@example.com

sec  rsa4096/11111111
     created: 2016-12-12  expires: 2017-12-12  usage: SC  
     confiance : ultime        validity: ultimate
ssb  rsa4096/22222222
     created: 2016-12-12  expires: 2017-12-12  usage: E   
ssb  rsa4096/33333333
     created: 2016-12-12  expires: never       usage:     
ssb  rsa4096/44444444
     créé : 2016-12-12  expires: 2017-12-12  usage: S   
[  ultimate ] (1). me <me@example.com>

I tried "gpg> delkey 33333333", but I had this message :

You must select at least one key.
(Use the 'key' command.)

then gpg> key 33333333, and I had this result (same result as list command):

sec  rsa4096/11111111
     created: 2016-12-12  expires: 2017-12-12  usage: SC  
     confiance : ultime        validity: ultimate
ssb  rsa4096/22222222
     created: 2016-12-12  expires: 2017-12-12  usage: E   
ssb  rsa4096/33333333
     created: 2016-12-12  expires: never       usage:     
ssb  rsa4096/44444444
     créé : 2016-12-12  expires: 2017-12-12  usage: S   
[  ultimate ] (1). me <me@example.com>

What should I do next?

etn

Posted 2016-10-06T20:10:04.983

Reputation: 243

1On the Linux command line (and in general), you can get English language outpuut for pretty much all applications by prefixing LANG=C, eg. LANG=C gpg2 --edit-key .... Alternatively, "switch" a shell to English language by running export LANG=C. – Jens Erat – 2016-10-06T21:51:21.247

Answers

16

GnuPG's interactive --edit-key menu works differently. You do not select a subkey by key [subkey-id], but by key [key-index], in your case this would be key 2 (the second subkey from the top, the primary key doesn't count).

After doing so, the line

ssb  rsa4096/33333333

will change to

ssb* rsa4096/33333333

with an asterisk indicating the key being selected. After selecting one or more keys, run delkey to delete the selected subkeys. Don't forget to save!

Jens Erat

Posted 2016-10-06T20:10:04.983

Reputation: 14 141

Thanks a lot. I had not seen the asterisk thing before. Thank you ! PS : key-index number was 2, not 3 (I could not select the first "sec" key). – etn – 2016-10-07T11:19:57.740

You're right, I should have only counted the subkeys. If this answered your question, consider selecting the checkmark on the left (also have a look at the [FAQ]). – Jens Erat – 2016-10-07T12:04:16.550

wow that was unintuitive. I kept selecting by key-id. – arviman – 2017-08-29T11:39:38.680

Asked: 2016-10-06T20:10:04.983

Viewed: 6 121 times

Active: 2016-10-07T12:04:35.343