At any rate, GitHub sent an email notifying everyone that they are performing an SSH key audit, and included a link to the audit page.
The page shows the SSH key’s fingerprint, but neglects to explain what it is or how to check the fingerprint on your own system. Here’s what you need to do:
- Locate your public SSH key, it’s likely at ~/.ssh/id_rsa.pub
- Run this command (or similar, depending on your system) to get the key fingerprint, replacing id_rsa.pub with the location of your public key:
- If the printed key fingerprint matches the fingerprint on GitHub, you’re good! If not… follow their instructions and hope for the best :-P.