DEV Community

Cover image for 😨Is Someone Actually Eavesdropping On Me!😱
Aosu Stephen Terver
Aosu Stephen Terver

Posted on

😨Is Someone Actually Eavesdropping On Me!😱

I woke up this morning to discover the message in the banner, it was scary! The message popup while trying to access a GitHub repository from my local machine, (I've not seen something like this before), I actually thought I have been hacked.

Background on GitHub's SSH Key Exposure

GitHub is one of the most popular code hosting platforms in the world. Millions of developers use GitHub every day to collaborate on projects, share code, and manage their workflows. Unfortunately, even the most trusted and reliable platforms can sometimes experience security incidents.

GitHub discovered that its RSA SSH private key was briefly exposed in a public GitHub repository. Although the exposure lasted only a few minutes, it was long enough to potentially compromise the security of the SSH key.

Impact of the Exposure on Developers Using GitHub

As a result of the incident, GitHub changed its RSA SSH private key out of an abundance of caution. This change will impact developers who use SSH keys to authenticate with GitHub. If you are one of those developers, you may notice a warning message when you try to connect to GitHub.

Warning Message Displayed by GitHub

The warning message will look like this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.
Enter fullscreen mode Exit fullscreen mode

This warning message is triggered because the RSA SSH key used to authenticate with GitHub has changed. There are two potential causes for this change: either someone is attempting a man-in-the-middle attack, or GitHub has changed the key for security reasons.

Steps to Fix the Issue

If you see the warning message, there are several steps you can take to fix the issue, read more from this post made by GitHub about the incidence, and what steps to take to protect yourself.

Top comments (0)