Sign up to save your podcasts
Or
Share GitHub SSH key is Leaked - How bad is this?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
GitHub SSH key is Leaked - How bad is this?
GitHub Accidentally Exposed their SSH RSA Private key, this is the message you will get .
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.
In this video I discuss how bad is this,.
0:00 Intro
1:10 What happened?
3:00 SSH vs TLS Authentication
6:00 SSH Connect
7:45 How bad is the github leak?
15:00 What should you do?
18:50 Is ECDSA immune?
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
View all episodes
By Hussein Nasser
4.9
4040 ratings
GitHub Accidentally Exposed their SSH RSA Private key, this is the message you will get .
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.
In this video I discuss how bad is this,.
0:00 Intro
1:10 What happened?
3:00 SSH vs TLS Authentication
6:00 SSH Connect
7:45 How bad is the github leak?
15:00 What should you do?
18:50 Is ECDSA immune?
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
More shows like The Backend Engineering Show with Hussein Nasser
View all
Freakonomics Radio
32,245 Listeners
Software Engineering Radio - the podcast for professional software developers
273 Listeners
Risky Business
374 Listeners
Science Vs
12,172 Listeners
Syntax - Tasty Web Development Treats
987 Listeners
Darknet Diaries
8,107 Listeners
Practical AI
210 Listeners
Within Reason
1,658 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
10,228 Listeners
Dwarkesh Podcast
541 Listeners
Big Technology Podcast
513 Listeners
Hard Fork
5,548 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
655 Listeners
Prof G Markets
1,474 Listeners
The Pragmatic Engineer
74 Listeners