Sign up to save your podcasts
Or
Share GitHub SSH key is Leaked - How bad is this?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
GitHub SSH key is Leaked - How bad is this?
GitHub Accidentally Exposed their SSH RSA Private key, this is the message you will get .
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.
In this video I discuss how bad is this,.
0:00 Intro
1:10 What happened?
3:00 SSH vs TLS Authentication
6:00 SSH Connect
7:45 How bad is the github leak?
15:00 What should you do?
18:50 Is ECDSA immune?
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
View all episodes
By Hussein Nasser
4.9
4040 ratings
GitHub Accidentally Exposed their SSH RSA Private key, this is the message you will get .
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.
In this video I discuss how bad is this,.
0:00 Intro
1:10 What happened?
3:00 SSH vs TLS Authentication
6:00 SSH Connect
7:45 How bad is the github leak?
15:00 What should you do?
18:50 Is ECDSA immune?
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
More shows like The Backend Engineering Show with Hussein Nasser
View all
Software Engineering Radio
273 Listeners
The Changelog: Software Development, Open Source
291 Listeners
Software Engineering Daily
623 Listeners
The Cloudcast
153 Listeners
Talk Python To Me
586 Listeners
Soft Skills Engineering
284 Listeners
Python Bytes
214 Listeners
Y Combinator Startup Podcast
237 Listeners
Syntax - Tasty Web Development Treats
984 Listeners
Practical AI
214 Listeners
The Stack Overflow Podcast
62 Listeners
The Real Python Podcast
140 Listeners
Dwarkesh Podcast
505 Listeners
Big Technology Podcast
477 Listeners
Oxide and Friends
59 Listeners