You need to remove the user's public key from the user's authorized_keys
file on the server. The default location for this is in the .ssh
directory within the user's home directory. For example, for user bloggs the file will be /home/bloggs/.ssh/authorized_keys
.
The file will contain the public keys that correspond to the private keys that user bloggs can use to login to your server. If bloggs has left the company, then simply delete all entries. Even better, delete his/her account.
If this is a shared account, you'll need to figure out which public keys in that file corresponds to the private keys bloggs still has access to, and remove just those. Remove the wrong ones and you'll lock out legitimate users. Fortunately, many entries in the authorized_keys
file have a comment consisting of the user's details at the end of the key. This may help you weed out the keys you need to remove.