Updating GitHubs SSH Key

Last week GitHub briefly leaked it’s private RSA ssh host key and replaced it with a new one. If you’ve ever cloned a repo from GitHub using the key you’ll get warning that the hosts key has changed and it may have been compromised.

Run the following in a shell to remove the fingerprint of the old key and you’ll be prompted to add fingerprint for the new key next time you access GitHub using ssh.

ssh-keygen -R github.com

If you want to add the fingerprint of the new public key to your know_hosts file ahead of time you can run the following to fetch it from GitHub (you’ll need the JSON processor [jq[(https://stedolan.github.io/jq/) command line tool installed)

curl -L https://api.github.com/meta | jq -r '.ssh_keys | .[]' | sed -e 's/^/github.com /' >> ~/.ssh/known_hosts