GitHub Proactively Replaces Exposed RSA SSH Host Key to Safeguard Git Operations : Emily Rosemary Collins
by: Emily Rosemary Collins
blow post content copied from Be on the Right Side of Change
click here to view original post
GitHub swiftly replaced its RSA SSH host key today after discovering it was briefly exposed in a public repository. Fear not, as the key switch doesn’t affect GitHub’s infrastructure or customer data, and only impacts Git operations over SSH using RSA. HTTPS Git operations and web traffic remain unaffected.
The exposure wasn’t due to a compromise but rather an inadvertent publishing of private information. GitHub took action out of caution, and there’s no evidence of the exposed key being misused.
If you’re using ECDSA or Ed25519 keys, no action is needed. However, if you encounter a warning message while connecting to GitHub.com via SSH, follow the provided steps to remove the old key and add the new one. GitHub Actions users should take note of potential failed workflow runs and update their workflows accordingly:
For further details, consult GitHub’s official documentation on SSH public key fingerprints.
March 24, 2023 at 04:27PM
Click here for more details...
=============================
The original post is available in Be on the Right Side of Change by Emily Rosemary Collins
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================
Post a Comment