Security News > 2023 > March > Github publishes RSA SSH host keys by mistake, issues update

Github publishes RSA SSH host keys by mistake, issues update
2023-03-24 13:34

Github has updated its SSH keys after accidentally publishing the private part to the world.

A post on Github's security blog reveals that the company has changed its RSA SSH host keys.

It's not the end of the world: if you normally push and pull to Github via SSH - which most people do - then you will have to delete your local Github SSH key, and fetch new ones.

Someone published Github's private RSA keys in a repository on Github itself.

That is bad. GitHub Copilot learns new tricks, adopts this year's model GitHub rolls out mandatory 2FA for loads of devs next week GitHub claims source code search engine is a game changer Microsoft, GitHub, OpenAI urge judge to bin Copilot code rip-off case.

SSH supports alternative cryptographic algorithms to RSA for its keys, and Github also has ECDSA and Ed25519 keys as well.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/03/24/github_changes_its_ssh_host/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Github 13 2 45 30 19 96
RSA 12 0 46 18 3 67