Removing Balena cloud SSH key

Hi There,

Due to regulations, concerns and promises we are required to remove the option to connect with a device via balena, and thus remove the corresponding ssh key.
The only keys that should be on the device are our own.

In another thread it is stated that the SSH key can be revoked. How can I do this? I cannot find any documentation. I do see a key in /home/.ssh
Our devices have already been flashed, but I still have the option to reflash them if it is absolutely necessary.


Hi Rick, you can remove the key manually to prevent access. If you haven’t be sure to check Security - Balena Documentation to understand the tradeoffs, for example you’ll loose support access should you move into a paid plan in the future.

However, this will render the device inaccessible remotely for the purposes of support or repairs and updates to the base OS.

Does this mean I will not be able to update the os anymore through Balena, or that you will not be able to help me with this if anything goes wrong?

The latter. By removing the public balena SSH key, nobody will be able to access your device via our VPN. Neither the Balena team, nor yourself. Your ability to update the device and access it directly will be unaffected. Please do give it a try with a testing device just to be sure.