Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations “out of an abundance of caution” after it was briefly exposed in a public repository.
The activity, which was carried out on March 24, 2023, is said to have been undertaken as a measure to prevent any bad actor from impersonating the service or eavesdropping on users’ operations over SSH.
“This key does not grant access to GitHub’s infrastructure or customer data,” Mike Hanley, chief security officer and SVP of engineering at GitHub, said in a post. “This change only impacts Git operations over SSH using RSA.”
The Microsoft-owned company said there is no evidence that the exposed SSH private key was exploited by adversaries. It did not disclose how long the secret was exposed.
It further emphasized that the “issue was not the result of a compromise of any GitHub systems or customer information.” It blamed the exposure on an “inadvertent publishing of private information.”
The disclosure comes nearly two months after GitHub revealed that unknown threat actors managed to exfiltrate encrypted code signing certificates pertaining to some versions of GitHub Desktop for Mac and Atom apps.
Source: https://thehackernews.com/