github ssh audit - how to check your fingerprints

github forget to tell you how to easily check your .ssh fingerprints. ssh-keygen -l -f is easiest.


ssh-keygen -l -f ~/.ssh/id_*.pub

and compare the fingerprint to the ones listed at github.

For multiple .pubs:

for p in ~/.ssh/*.pub; do ssh-keygen -l -f $p; done

For the backstory see where @homakov was ignored and accused of trolling, until he decided to prove the vulnerability. Bad decision apparently.

Leave a comment

About Reini Urban

user-pic Working at cPanel on B::C (the perl-compiler), p2, types, parrot, B::Generate, cygwin perl and more guts (LLVM, jit, optimizations).