Deleting cold keys - permission denied

Hello

Im trying to delete keys off the server. I have backed them up but having a problem deleting them as no matter what, i get permission denied.

rm: cannot remove ‘payment.skey.gpg’: Operation not permitted

Can i give permissions to these files and then delete them? is that the correct way?

I also read that you can use cntools to backup and have the option to delete the keys but this option to delete no longer exists.

Thanks

Hi!

First, check who is the owner and what is the permission, so list the folder where these keys stored with ls -l

I did that and its my user.

Screenshot 2021-04-10 at 09.55.41

The keys are protected by cntools.

U must go to cntools - pool - decrypt first

then try to delete again with sudo

If doesn’t work please try to change the rights first

chmod 755 cold.xxx for all 3 keystry again to remove… but first check carefuly if u bkped correctly

Thank you!

Tried to decrypt and then i guess you can delete the payment.skey and stake.skey but what happens now when you want to encrypt again and these files are non existent?

You wallet is then always in a decrypted state?

Havent tried yet and chmod doesnt work.

If they make it this difficult then are you not advised to move keys off the server anymore?

Thanks

Tried to decrypt and then i guess you can delete the payment.skey and stake.skey but what happens now when you want to encrypt again and these files are non existent?
You wallet is then always in a decrypted state?

There is no need to encrypt anymore if u don’t have the cold keys from pool folder and payment.skey stake.skey from wallet folder

Havent tried yet and chmod doesnt work.

Try to give permisions for the priv folder for ur user
cd $CNODE_HOME
ls -l

sudo chown -R ur_user priv

If they make it this difficult then are you not advised to move keys off the server anymore?

In my opinion if u encrypted the files with a strong password can’t be decrypted if the files will be stollen but for 100% sure it’s better to bkp them and delete from the server… but make 2-3 copies of bkp on different usb

Cheers,

I’m having the same issue here. unable to delete the cold.skey.gpg cold key even though there is cold.skey in same folder

chmod denied, sudo rm denied (I am the owner)

Looks like somewhere it went wrong, as even when wallet is decrypted there is a cold.skey.gpg file

who is the owner of the file - ls -l cold.skey.gpg

cold.skey.gpg is from pool encryption - deceyptuon not wallet files u will need to go to cntools - pool - decrypt in ordert ro delete the file

But first be sure u have a bkp of the file

AH! Didn’t see that. must have clicked it by mistake when doing wallet.

Why/ when does one want to encrypt the pool? I had followed advice and just made a copy and deleted the cold keys.

because the cold keys can be stolen, and without them you will not be able to modify the pool (retire, modify the pool, renew the KES, etc)

that’s why is better to have a copy of the files, bkped somewhere, in case will be deleted by mistake or stolen from the server

for the wallet files in the priv folder. are there any I need to keep on the server?

Looks like these:
/priv/wallet/wallet_name/:
base.addr
payment.addr
reward.addr
stake.vkey
payment.vkey

Bkp them and u can delete after (I think u imported the wallet with mnemonic words)

I did import with mnemonic.

I can delete all in the wallet folder? none needed for operation of pool?

Nope, the wallet’s files are necessarly when u will need to pay transactions fees like (modying the pool prameters, etc)

Hello Alex:
Quick question, my KES will expire soon, in order for me to renew it I just need to have all cold keys in producer, open cntools.sh go to pool and rotate?
the remove the cold keys and store them off-line
Thanks

Cofirm, only the cold keys… cntools - pool - rotate and restart the node

Then remove the cold keys

Thanks for your help…