The solution is in the blog but the easy thing (if you don't want to RTFB) is
1. issue: ssh-keygen -R github.com - this will remove github.com from your known_hosts file 2. then access github.com using ssh on the command line and reply yes to adding the host to your known_hosts file And you should be golden - at least this worked for me on my OMVS and windows systems Lionel B. Dyck <>< Website: https://www.lbdsoftware.com Github: https://github.com/lbdyck “Worry more about your character than your reputation. Character is what you are, reputation merely what others think you are.” - - - John Wooden -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Rick Troth Sent: Friday, March 24, 2023 9:00 AM To: [email protected] Subject: Re: GitHub Update - Arg! It's all about trust. SO glad you posted, and esp that you found the announcement. (A little concerned, though, that their primary web interface doesn't have an alert.) I would have panicked. Interesting that handling of this SSH key: #1 is manual effort for the clients, and #2 is *minimal* effort for the clients as long as they know (and can trust) the story. By contrast, PKI certs are #1 supposedly not managed manually (at the client end), but #2 a real pain in the arse to manage (on both ends). BT/DT -- R; <>< On 3/24/23 09:28, Lionel B. Dyck wrote: > I got bit this morning and ran across that. Not nice (imho). > > > Lionel B. Dyck <>< > Website: https://www.lbdsoftware.com > Github: https://github.com/lbdyck > > “Worry more about your character than your reputation. Character is what you > are, reputation merely what others think you are.” - - - John Wooden > > -----Original Message----- > From: IBM Mainframe Discussion List <[email protected]> On > Behalf Of René Jansen > Sent: Friday, March 24, 2023 8:22 AM > To: [email protected] > Subject: Re: GitHub Update - Arg! > > Thanks Lionel, that was just in time! > > best regards, > > René. > >> On 24 Mar 2023, at 13:43, Lionel B. Dyck <[email protected]> wrote: >> >> GitHub changed their RSA SSH Host Key and now there are issues. Here >> is their announcement: >> >> https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ >> >> This is what you may see: >> >> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ >> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ >> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ >> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! >> Someone could be eavesdropping on you right now (man-in-the-middle attack)! >> It is also possible that a host key has just been changed. >> The fingerprint for the RSA key sent by the remote host is >> SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s. >> Please contact your system administrator. >> Add correct host key in ~/.ssh/known_hosts to get rid of this message. >> Host key for github.com has changed and you have requested strict checking. >> Host key verification failed. >> >> >> Lionel B. Dyck <>< >> Website: https://www.lbdsoftware.com >> Github: https://github.com/lbdyck >> >> “Worry more about your character than your reputation. Character is what you >> are, reputation merely what others think you are.” - - - John Wooden >> >> --------------------------------------------------------------------- >> - For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to [email protected] with the message: INFO >> IBM-MAIN > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to [email protected] with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
