7

Note: this is a purely hypothetical situation.

Suppose that I had created a PGP key, pushed it to the Ubuntu keyserver (hkp://keyserver.ubuntu.com), and added it to my Launchpad account. Further suppose that my PGP key was compromised somehow.

Apart from removing the key from Launchpad, what steps do I need to take?

Nathan Osman
  • 32,495

2 Answers2

11

gpg --list-keys
Find your key id: 

pub   2048R/deadb33f 2012-03-10
uid                  Something <someone@example.com>


gpg --edit-key 0xdeadb33f

Command> revuid
Really revoke this user ID? (y/N) y
Please select the reason for the revocation:
  0 = No reason specified
  4 = User ID is no longer valid
  Q = Cancel
(Probably you want to select 4 here)
Your decision? 4
gpg --keyserver keyserver.ubuntu.com -send-keys 0xdeadb33f

From the gnupg mailing list: 

    gpg --keyserver pool.sks-keyservers.net -refresh-keys 0xdecafbad

now use gpg to revoke the UID

    gpg --edit-key 0xdecafbad

gpg displays a list of UIDs on the key. Enter the number of the UID you
wish to revoke. The list is redisplayed with an * next to the selected
one. now use the gpg command revuid to revoke:

    Command> revuid
    Really revoke this user ID? (y/N) y
    Please select the reason for the revocation:
      0 = No reason specified
      4 = User ID is no longer valid
      Q = Cancel
    (Probably you want to select 4 here)
    Your decision? 4

Answer the passphrase prompt and 'save' to update your keyring with the
modified key. Now send the key with revoked UID to the keyservers

    gpg --keyserver pool.sks-keyservers.net -send-keys 0xdecafbad
RobotHumans
  • 30,112
0

You're asking about PGP, I would think that the same applies as what you would Do with Gnu Privacy Guard (GPG). During the creation of your Key, you would go one step further and create a revocation key. For details and steps please see the official documentation here.

itnet7
  • 3,509