<%= NewRelic::Agent.browser_timing_header rescue "" %>

David van Geest

Software, Life, and Stuff I Couldn't Find on the Internet

Reviewing your GitHub SSH key

| Comments

Those of you living in a cave may not have heard that someone recently hacked GitHub to prove a point about default Rails mass-assignment settings. You can read all the gory details here and here.

At any rate, GitHub sent an email notifying everyone that they are performing an SSH key audit, and included a link to the audit page.

The page shows the SSH key’s fingerprint, but neglects to explain what it is or how to check the fingerprint on your own system. Here’s what you need to do:

  • Locate your public SSH key, it’s likely at ~/.ssh/id_rsa.pub
  • Run this command (or similar, depending on your system) to get the key fingerprint, replacing id_rsa.pub with the location of your public key:
 ssh-keygen -lf id_rsa.pub
  • If the printed key fingerprint matches the fingerprint on GitHub, you’re good! If not… follow their instructions and hope for the best :-P.