- First find the Hockeypuck hash of the key(s) to be removed via the web search of your key server instance;
- On the index, copy the hash value (
Hash=HASHVALUE
) (it's the hex representation of MD5); - Connect to the PostgreSQL interface of your Hockeypuck server;
psql hkp
- Find the corresponding keys from their hash value;
select rfingerprint from keys where md5 in ('HASHVALUE');
- This will return the corresponding fingerprints;
- Then delete the associated sub-keys;
delete from subkeys where rfingerprint in ('RFINGERPRINT');
- Then delete the main keys;
delete from keys where md5 in ('HASHVALUE');
- Then add the fingerprints in the Hockeypuck server blacklist to avoid reconciliation of the removed keys from other servers;
- The black-list feature was introduced in Hockeypuck 2.1.0 release;
[hockeypuck.openpgp]
blacklist=[
"2790943722612cf8d9c2db9213de25eed1bb5151",
"a490d0f4d311a4153e2bb7cadbb802b258acd84f",
"5c738727ee58786a777c4f1db5aa3fa3486ed7ad",
"33d51b5621953173ab74b521bdca9f8e3a6c1785",
"B4530375102C9EB270909C9C006694EB",
"A73FAA9CF3B7D3864C01BA38C32C7BF3",
"2E2EBC681E19FF06574B7F22AE5453A45153BD1F",
"11D33E66C37371DCE4429A9D8BE6E0081569FEC9",
"4A3C31EDB549E934FAA31CF18A4ED56C1B7D70F8",
"27B5000E1B27A03DD45E63FDD1C937F64B790FE5",
"FE1753D8F4CBFC8913C71A73461BB523E2468F79",
"10659E93DE8ED69F47A8E6A4752E6011A7CEC081",
"CD30DADCDE54B62476ED5DBDAAC27ADA79FA32F4",
"C7A23D987C0A2F4A8C2C406595D3C5C466C16F5C",
"33C251792B7AD4EFA60F3B6F854B81325727766A",
"C50C58C6A45C7F10332119C31EC6E78556894CF2",
"9C002FD129AAB3DAAF4886C11BACFFF4421C6F24",
"22DD2374F7C072B064731B84042EF61F3F2951C3",
"39762A49F4F92358BA98D0897E4CD9873EAD04E5",
"90034CCA442A325FEDEB2E0302F6EB3D3523062F",
"E706E6E2B0062D68E00AD3A71B4E586917D2D55F",
"4EE0EA407647CE7F893B4D4CD55A56ED08155AA7"
]
Yes. It's documented in HIP-1.