
GitHub, a cloud-based repository hosting service, said it has replaced, "out of caution," the RSA SSH host keys used to secure Git operations after they were temporarily published in public repositories.
The replacement, which took place at 05:00 UTC on March 24, 2023, is said to have been carried out as a measure to prevent malicious individuals from impersonating the service and eavesdropping on users' operations over SSH.
“This key does not grant access to GitHub’s infrastructure or customer data,” Mike Hanley, GitHub’s chief security officer and senior vice president of engineering, said in a post. “This change only affects Git operations over SSH using RSA.”
The move does not affect web traffic to GitHub.com or Git operations performed over HTTPS. Users of ECDSA or Ed25519 keys do not need to make any changes.
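As an added example (not GitHub's code and not part of the original article), the Python sketch below audits a known_hosts file for entries that name github.com, including hashed host fields, and flags those of key type ssh-rsa for review. The function names, the sample file and its placeholder key blobs are constructed for illustration, and only exact host names are matched (no wildcard or [host]:port patterns).

```python
import base64, hashlib, hmac

def host_matches(field, host):
    """True if a known_hosts host field (plain list or hashed) names host."""
    if field.startswith("|1|"):  # hashed form: |1|b64(salt)|b64(HMAC-SHA1(salt, host))
        _, _, salt, mac = field.split("|")
        want = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(want, base64.b64decode(mac))
    return host in field.split(",")

def fingerprint(key_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def audit(text, host="github.com", current_rsa_fp=None):
    """List (line, key type, fingerprint, needs_review) for host's entries.

    Only ssh-rsa entries are flagged; pass current_rsa_fp (the fingerprint
    the service publishes now) to clear an entry that is already up to date.
    """
    out = []
    for n, line in enumerate(text.splitlines(), 1):
        f = line.split()
        if f and f[0].startswith("@"):  # @cert-authority / @revoked marker
            f = f[1:]
        if len(f) < 3 or f[0].startswith("#") or not host_matches(f[0], host):
            continue
        fp = fingerprint(f[2])
        out.append((n, f[1], fp, f[1] == "ssh-rsa" and fp != current_rsa_fp))
    return out

# Constructed sample: the key blobs are placeholder bytes, not real host keys.
def b64(raw):
    return base64.b64encode(raw).decode()

SALT = b"constructed-salt"
HASHED = "|1|%s|%s" % (b64(SALT), b64(hmac.new(SALT, b"github.com", hashlib.sha1).digest()))
SAMPLE = "\n".join([
    "# constructed known_hosts sample",
    "github.com ssh-ed25519 " + b64(b"placeholder-ed25519-blob"),
    HASHED + " ssh-rsa " + b64(b"placeholder-old-rsa-blob"),
    "git.example.org ssh-rsa " + b64(b"placeholder-other-host-blob"),
])

if __name__ == "__main__":
    for entry in audit(SAMPLE):
        print(entry)
```

A flagged entry should be compared against the RSA fingerprint the service currently publishes before the stale line is removed.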
The Microsoft-owned company said it had no evidence that the exposed SSH private keys were misused by attackers.
It further emphasized that “this issue was not the result of a compromise of GitHub systems or customer information.” It said the cause was “inadvertent disclosure of personal information.”
GitHub added that GitHub Actions users may see failed workflow runs if they are using actions/checkout with the ssh-key option, and that it is in the process of updating the action on all tags.
The disclosure comes nearly two months after GitHub revealed that an unknown attacker managed to steal encrypted code-signing certificates associated with some versions of the GitHub Desktop for Mac and Atom apps.