GitHub SSH key is Leaked - How bad is this?

Hussein Nasser

GitHub accidentally exposed their SSH RSA private key. This is the message you will get:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.
In this video I discuss how bad this is.
0:00 Intro
1:10 What happened?
3:00 SSH vs TLS Authentication
6:00 SSH Connect
7:45 How bad is the github leak?
15:00 What should you do?
18:50 Is ECDSA immune?
github.blog/2023-03-23-we-upd...
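The warning above points at the github.com entry in ~/.ssh/known_hosts. As an added example (not from the video or from GitHub), the Python below derives the SHA256 fingerprint the way the warning prints it and flags known_hosts entries for a host that do not match a pinned value, including entries with hashed host names. The key blobs, the salt and the function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

# Fingerprint printed in the warning above. Confirm it against the fingerprints
# GitHub publishes before pinning it; ssh displaying a value is not proof.
PINNED = {("github.com", "ssh-rsa"):
          "SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s"}


def fingerprint(key_b64):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_matches(field, host):
    """Match a known_hosts host field: comma-separated names or hashed |1|salt|mac.

    Wildcard and negated patterns are not handled here.
    """
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|")
        salt = base64.b64decode(salt_b64)
        mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in field.split(",")


def audit(known_hosts_text, host, pinned):
    """Return (line_no, key_type, fingerprint, verdict) for each entry naming host."""
    findings = []
    for line_no, line in enumerate(known_hosts_text.splitlines(), 1):
        fields = line.split()
        # Skip blanks, comments and @cert-authority/@revoked marker lines.
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        if not host_matches(fields[0], host):
            continue
        key_type, fp = fields[1], fingerprint(fields[2])
        expected = pinned.get((host, key_type))
        if expected is None:
            verdict = "unpinned"
        else:
            verdict = "ok" if fp == expected else "MISMATCH"
        findings.append((line_no, key_type, fp, verdict))
    return findings


def constructed_rsa_blob(seed):
    """Build a well-formed but meaningless ssh-rsa blob (constructed sample)."""
    def ssh_string(data):
        return struct.pack(">I", len(data)) + data
    modulus = b"\x00" + hashlib.sha256(seed).digest() * 8   # stand-in, not a real key
    blob = ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01") + ssh_string(modulus)
    return base64.b64encode(blob).decode()


def demo():
    """Audit a constructed known_hosts holding a stale and a current entry."""
    old, new = constructed_rsa_blob(b"old"), constructed_rsa_blob(b"new")
    salt = b"constructed-salt-20b"
    mac = hmac.new(salt, b"github.com", hashlib.sha1).digest()
    hashed_host = "|1|%s|%s" % (base64.b64encode(salt).decode(),
                                base64.b64encode(mac).decode())
    known_hosts = "\n".join([
        "# constructed sample known_hosts",
        "github.com,192.0.2.10 ssh-rsa " + old,   # stale entry
        hashed_host + " ssh-rsa " + new,          # current entry, hashed host name
        "gitlab.example ssh-rsa " + old,          # different host, ignored
    ])
    pinned = {("github.com", "ssh-rsa"): fingerprint(new)}  # stands in for PINNED
    return audit(known_hosts, "github.com", pinned)


if __name__ == "__main__":
    for line_no, key_type, fp, verdict in demo():
        print("line %d %s %s %s" % (line_no, key_type, fp, verdict))
```

On a real machine, pass the contents of ~/.ssh/known_hosts together with PINNED; a MISMATCH entry can then be dropped with `ssh-keygen -R github.com` before reconnecting.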

Comments: 171
@romitkarmakar5169 1 year ago
Just a day after Github fired their whole engineering team in India
@daruiraikage 1 year ago
If Modi is there, it's possible
@antonhelsgaun 1 year ago
Why did they do that?
@kenny-ze8eg 5 months ago
Whats worse. Is this is only a part of a whole series of unfortunate events. But id imagine bc they was the Microsoft that took access to my phone chromebook and pc. And nobody would help without me paying them thousands, but ubreakifix was nice enough to put an enterprise chromeOS over top of the corrupted firmware Microsoft did, so I bring it home and still no luck. But I've finally pieced the puzzle fully together. And weird thing is... Microsoft. Verizon, at@t, ubreakifix, and the way cloud storage, and the conflicting and confusing unclear explanations of, do this and I'll explain later, for a price. Tactics. No wonder people lose their minds in this world. They want the money and fame but won't take the blame. But I have about as much evidence as I need so I'll be going and talking to a lawyer about it all. And somebody... will pay for this. One way or another. And it's not me because... I will never stop until they prove me wrong.
@esra_erimez 1 year ago
"Beefstew" is not a stroganoff password
@shapelessed 1 year ago
._.
@RapiBurrito 1 year ago
Clever girl
@BreakingDownBitcoin 1 year ago
😂
@andyk2181 1 year ago
All your saucy secrets will get leeked.
@HarshKapadia 1 year ago
Huh? Can someone please explain? 😅
@acorgiwithacrown467 1 year ago
Even github is accidentally pushing sensitive material, something really has to be done.
@yeetyeet7070 1 year ago
How safe do you want to be? Man-in-the-Middle yourself to check if ure pushing your private keys? "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." - Franklin from GTA 5
@acorgiwithacrown467 1 year ago
@@yeetyeet7070 Bruh, it wouldn't be that difficult to throw up a little notification saying "Hey dumbass, you're pushing private keys again".
@yeetyeet7070 1 year ago
@@acorgiwithacrown467 I mean, if it was that easy, ppl would be doing it. Also kinda means you need to store all your private keys in one location that is constantly interfacing with other systems. In practice this would probably require management who know how important it is to do this properly, unlikely scenario imo))
@mishasawangwan6652 1 year ago
something has to be done? humans make mistakes. end of discussion.
@acorgiwithacrown467 1 year ago
@@mishasawangwan6652 In that case remove the humans, problem solved.
@RogerThat902 1 year ago
Thank you for explaining this. That warning scared me for a day or so. Didn't feel like Github did enough to explain or even alert that the issue was on their end...
@filiuslaurentius 1 year ago
Keep in mind that TLS cert authority listed in your browser is only as strong as the weakest managed Cert authority.
@gcolombelli 1 year ago
And the list of CAs is really small and 100% trustworthy. /s
@NapanTR 1 year ago
You mean in a given connection right? Not in general?
@gcolombelli 1 year ago
@@NapanTR You know how that cute little padlock thing in the address bar works, right? If your connection is "secured" with a key that's been signed by *any* one of the hundreds of CAs marked as a "trusted root authority", the cute padlock shows up. If you connect to your e-mail provider one day and your government decides to snoop on your connection and sign it with it's own CA, the cute little padlock will show up and you won't even notice, unless the users have been using certificate pinning, then it's obvious to the whole world the kind of shenanigans that's been happening. But people are forgetful and either don't care or don't understand how any of this works, they see a cute little padlock and think "this is fine"... by the way, that exact scenario happened, too bad for the government in question they weren't expecting that the e-mail provider was also the developer of a popular web browser and decided to silently ship it with certificate pinning enabled for it's services. But years go by, people forget, and that list of "certificate authorities" never seem to shrink, and browsers, old-fashioned e-mail clients, cool modern mobile apps and other software still won't let you easily (or at all) review how your connection was "secured" and warn you of any suspicious behavior, unless it's either something absolutely egregious or completely mundane (like an expired cert).
@filiuslaurentius 1 year ago
​@@NapanTR A CA can issue certs for any domain. You can set up your own CA or authorise your own list of CAs. Web browser developers have their own list of default CAs in their web browsers whose Certs are automatically trusted for any website. Much of the annual admin to show compliance / good practice is self certified by the CAs themselves to those browser devs. There have been occasions I have removed a CA from browser approved CAs. for a variety of reasons or dumped a browser vendor.
@filiuslaurentius 1 year ago
@@gcolombelli joke? nothing is 100% trustworthy
@maedehshahabi4744 1 year ago
Thank you very much Hussein. Always explaining simple and clear..
@calvinlucian387 1 year ago
That's why I always set my username as my password. Can't steal what you already have. 😎
@daleryanaldover6545 1 year ago
that's a 10x developer move right there
@jeffwilson8246 1 year ago
$RILLIANT 🧠 💣 👏 👏 👏
@classical-bit 1 year ago
❤ love you boss, your work keeps inspiring me
@snghnishant 1 year ago
Our ci/cd broke because of this :(
@insu_na 1 year ago
What I feel would be worse than potentially stealing a git push would be to add malicious code / a malicious commit to a git pull. Next time you push to the legitimate github again after your own repo has been infected with something malicious you're spreading it to all people who use your repository, and if it's done well enough, like by amending a pre-existing commit, you would likely not even notice that something is awry
@MatthijsvanDuin 1 year ago
amending a commit would result in a merge conflict on pull (if you already had the commit) or a non-fast-forward push
@insu_na 1 year ago
@@MatthijsvanDuin Sure, but not every repo has disabled force pushing. Bad practice for sure, but probably normal in more workflows than one might assume. Naturally there's easy measures to prevent such things, such enforcing signed commits or preventing force pushes, etc. but not everyone uses those
@MatthijsvanDuin 1 year ago
@@insu_na Force-push can be useful and I certainly do use it myself too, but only in cases where I know exactly why I need it. If you're using it just because you got your push rejected then you've probably just destroyed a commit from someone else working on the project.
@twiksify 1 year ago
Why did I forget to sub last time? HERE, take my time!
@murat.terzioglu 1 year ago
Important subject to address, thanks!
@digitalcontent1870 1 year ago
Great videos Hussein TY.
@pawsdev 1 year ago
Hi Hussein, your channel is very rare, there are not so many free reasoning about technology channels, all topics showed very well. But I have questions about async? very difficult to differ async from multithread. For example, if we launch operation in different thread and not wait result in main - so we can tell that it is async, because main not blocked. But it is not async because non-main thread is blocked, non-main thread have to be not-blocked too or not. If non-main thread is not blocked so i can't imagine how event loop controls main and another threads. There are a lot of such questions. So this is good idea for video, how multithreading really differs from async under the hood. I mean primarily Java, maybe in JS it's somewhat different and more understandable
@catcatcatcatcatcatcatcatcatca 1 year ago
Someone should create an encryption algorithm where the user provably can’t know let alone leak their private key, just use it. It would run in a manner that differs every time so that even stealing the device wouldn’t compromise it, and identify who actually is trying to use it at any given time and check their soul to make sure they are both authorised and acting in good faith.
@evbike 1 year ago
Not possible
@Sammysapphira 1 year ago
Couldn't we implement some sort of system into git which checks to see if someone is accidentally pushing a sensitive key? I know we have gitignore but that doesn't solve negligence. If the key never changes, it should be as simple as something to check if the text string exists in the push, and then block the push
@mishasawangwan6652 1 year ago
this already exists.
@Stealthy5am 1 year ago
Something similar exists, but the specific implementation you're suggesting is a bad idea... You're suggesting to check for a specific string, to do that you'd have to put your sensitive information in your code because you need to know what to check for... And RSA private key is just one secret... You'll check for all different secrets? Well, imagine that part of the code leaks, ALL of your secrets would leak. A better approach is to check if something looks like a secret, if it does warn the user, but still let them push if they really want to.
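The "looks like a secret" check suggested in the reply above, as an added example that is not part of the original thread or of any GitHub tool: it scans the added lines of a unified diff for private-key headers and high-entropy tokens, warns, and lets the user override. The sample diff, the 4.5-bit threshold and the ALLOW_SECRET_PUSH variable name are assumptions made for the example.

```python
import math
import os
import re
import sys

PEM_BEGIN = re.compile(r"-----BEGIN (?:[A-Z0-9]+ )?PRIVATE KEY-----")
TOKEN = re.compile(r"[A-Za-z0-9+/_=-]{40,}")
HUNK = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)")
ENTROPY_THRESHOLD = 4.5   # bits per character; heuristic cut-off (assumption)


def shannon_entropy(text):
    """Bits per character of the empirical character distribution."""
    total = len(text)
    return -sum(n / total * math.log2(n / total)
                for n in (text.count(c) for c in set(text)))


def scan_diff(diff_text):
    """Return (path, new_line_no, reason) for added lines that look like secrets."""
    findings, path, new_line = [], None, 0
    for line in diff_text.splitlines():
        if line.startswith("+++ "):              # file header of the new side
            path = line[4:]
            path = path[2:] if path.startswith("b/") else path
        elif line.startswith("@@"):              # hunk header: new-side start line
            match = HUNK.match(line)
            new_line = int(match.group(1)) if match else 0
        elif line.startswith("+"):               # added line
            added = line[1:]
            if PEM_BEGIN.search(added):
                findings.append((path, new_line, "private key header"))
            elif any(shannon_entropy(t) > ENTROPY_THRESHOLD
                     for t in TOKEN.findall(added)):
                # 40-hex commit ids stay below the threshold (at most 4 bits/char).
                findings.append((path, new_line, "high-entropy token"))
            new_line += 1
        elif line.startswith(" "):               # unchanged context line
            new_line += 1
    return findings


def hook_exit_code(findings, override=False):
    """Warn and stop by default; pass when the user explicitly overrides."""
    return 1 if findings and not override else 0


# Constructed sample diff; the key body and the token are placeholders.
SAMPLE_DIFF = "\n".join([
    "diff --git a/deploy/id_rsa b/deploy/id_rsa",
    "new file mode 100600",
    "--- /dev/null",
    "+++ b/deploy/id_rsa",
    "@@ -0,0 +1,3 @@",
    "+-----BEGIN OPENSSH PRIVATE KEY-----",
    "+(constructed placeholder, not key material)",
    "+-----END OPENSSH PRIVATE KEY-----",
    "diff --git a/app/config.py b/app/config.py",
    "--- a/app/config.py",
    "+++ b/app/config.py",
    "@@ -10,2 +10,3 @@",
    " DEBUG = False",
    '+API_TOKEN = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"',
    " TIMEOUT = 30",
])

if __name__ == "__main__":
    # As a pre-commit hook: git diff --cached | python this_file.py
    text = SAMPLE_DIFF if sys.stdin.isatty() else sys.stdin.read()
    results = scan_diff(text)
    for found_path, line_no, reason in results:
        print("warning: %s:%d looks like a secret (%s)"
              % (found_path, line_no, reason), file=sys.stderr)
    # ALLOW_SECRET_PUSH is a hypothetical name for the override switch.
    sys.exit(hook_exit_code(results, os.environ.get("ALLOW_SECRET_PUSH") == "1"))
```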
@AshutoshSharma-ml6sv 1 year ago
Hi Hussein, can you make a video explaining: "Internet Computer Protocol (ICP)" ?
@YUNGBLIZZOYELAKIN617 1 year ago
👆👆 I will always tell people's about what you have done for me all thanks very much
@pacificp 1 year ago
What may be the issue if same host public key is used in multiple systems? Thanks.
@GARYLLOYD999INSTAGR 1 year ago
Thank you so much sir
@squ34ky 1 year ago
Did this have anything to do with them laying off their entire developer team in India?
@baara100 1 year ago
🎉😂
@tigreonice2339 1 year ago
If u have ssh with github.. do you need to change your keys or can your pc can be hacked?
@CppObjectOrientedProgrammer 1 year ago
Hey I don't know enough about RSA, but would archived/old internet traffic sessions with github be vulnerable to decryption now?
@CppObjectOrientedProgrammer 1 year ago
Chat GPT helped me out lol: If an RSA key gets leaked, any past communication that was encrypted using that key is vulnerable to decryption. This is because the RSA algorithm uses public-key cryptography, which means that anyone can use the public key to encrypt a message, but only the owner of the private key can decrypt it. If the private key is leaked or compromised in some way, an attacker could potentially use it to decrypt any messages that were encrypted using the corresponding public key. This includes not only past communication, but also any future communication that uses the same key pair. Therefore, if an RSA key gets leaked, it is important to stop using that key pair immediately and generate a new one to ensure the security of future communication. It is also recommended to assess any potential damage that may have been caused by the leak and take appropriate measures to mitigate it.
@CppObjectOrientedProgrammer 1 year ago
So maybe all passwords used with archived network sessions could be decrypted, and are insecure now?
@YUNGBLIZZOYELAKIN617 1 year ago
I really appreciate I got the key and I withdraw my 2BTC
@RyanBess 1 year ago
I wonder why the ssh protocol doesn’t have a similar crl/ocsp mechanism like tls. Makes too much sense to have that central authority for verifying if that key is still valid.
@lolerie 1 year ago
It does. And on DNS another one.
@Spice__King 1 year ago
It does, but no central authority exists for it. The OpenSSH team probably doesn't want to push a provider and probably not all clients/servers support it. StepCA offers a semi automated way of setting it up with your own CA for it and I will say it's useful in an enterprise setting.
@newmonengineering 1 year ago
A huge concern yet I doubt much actually happened from it. If someone setup and got the key and used it on a large companies local Lan. They probably were ready for it. Otherwise probably no one even tried to use it.
@danrayson 1 year ago
Let's be honest. This was on purpose, and was so the government could access all code. Let's get real. The incentives are so strong that it'd be daft to think otherwise.
@LiEnby 10 months ago
bruh the government could just send github an email saying "please send me the contents of mojang/minecraftpe" or whatever
@brod515 1 year ago
I had an rsa key in my .ssh folder but I never got this error. how is that possible?
@tigreonice2339 1 year ago
Is it safe to use git with github 11 April 2023? Did they patch the vulnerability?
@incremental_failure 1 year ago
I just had my VNC accidentally open for months. It's scary stuff and can open to anyone.
@marslogics 1 year ago
what is wrong with the preview images for chapters in your video, all chapters show same preview image instead of showing preview from that chapter.
@YASH-xo9sl 1 year ago
Recently some folks from GitHub got fired , what a coincidence !
@RapiBurrito 1 year ago
Oh well that kind of sucks, gotta be really careful with what you push. Always double check the staged changes guys 😓
@gamaTamarama 1 year ago
If someone managed to insert an entry to the host file, redirecting to a spoofed GitHub that would also be pretty bad...
@BRUHItsABunny 1 year ago
You could argue https is the most secure but also the least secure The certificate authority check is what makes and breaks it All that has to happen for it to be broken is someone add their certificate to the trusted root of your device and from there they could intercept a lot Affects a lot of programs except for programs that pack their own certificate authorities like Flutter based programs Also Chrome when HSTS is not turned off is safe This is an integral part to how i reverse engineered API's from apps and programs that use certificate pinning This means if an attacker can get access to your device either remotely or physically, and run an elevated shell, you could be compromised
@B20C0 1 year ago
"if an attacker can get access to your device either remotely or physically, and run an elevated shell, you could be compromised" is the very definition of being compromised, doesn't have anything to do with https per se. If someone can access an elevated shell on your server, you can be compromised in literally thousands of ways.
@BRUHItsABunny 1 year ago
@@B20C0 depends on what you define as an attacker From the perspective of a backend developer protecting against malicious clients (bots, custom third party clients, etc) the owner of a device could very well be defined as an attacker
@B20C0 1 year ago
@@BRUHItsABunny It doesn't matter what you define as an attacker. KISS: If someone has access to an elevated shell who shouldn't have, you have to view all systems that the wrongfully elevated user has access to as compromised unless you can VERIFY it's not (for example with filesystem checksums on an external system and other tools). You can call it an attacker or Bugs Bunny, it doesn't matter.
@monad_tcp 1 year ago
HTTPS is not technically more secure, it just has a method to revoke keys because it presumes they are going to be leaked. So CRL can be automatically pushed and all the keys are immediately made invalid.
@monad_tcp 1 year ago
"Also Chrome when HSTS is not turned off is safe" Its "pointless" safe if the attacker already has root access to inject root certs, they can already turn off HSTS in Chrome if they want. Or inject any process and do VirtalReadForeignMemory (or whatever that API is called) and read everything decrypted.
@monad_tcp 1 year ago
And the guys over SSH protocol keep saying they don't need CRLs and repudiation that TLS has, well, you got owned. This isn't anything new, it keeps happening over and over again, keys do leak...
@aakarshan4644 1 year ago
could be related to github india layoff
@II-ii2um 1 year ago
Oh yeah, I'm definitely thinking the same as well. Former disgruntled employees said fuck it and took them down.
@_dnL 1 year ago
yeah totally like this stuff 👍
@esra_erimez 1 year ago
Vikings use "Norse code" to communicate.
@ttrss 1 year ago
Ok thats enough😆
@esra_erimez 1 year ago
@@ttrss 😁
@helmchen1239 1 year ago
i thought the whole point of RSA keypairs is to not type in any password .. all the attacker's server (from the example) can get, is your public key, which is not a problem. What am i missing? Of course you can set a password on your own private key, but that's handled on the client. That someone can impersonate Github is of course still a nasty thing.
@brod515 1 year ago
the key issue is the "someone can impersonate github"
@mishasawangwan6652 1 year ago
what you're missing is this: a private key is an identity. it proves who you are. you can think about it like: someone stole your social security number. this is not a perfect example but i hope it gives you an idea.
@helmchen1239 1 year ago
​@@mishasawangwan6652 yeah but it's not MY private key .. what i mean is, where is the harm for me as a enduser, why should i care? i see no scenario where any attacker can actually do something with it, therefore the question :)
@ryan1696 1 year ago
​@@helmchen1239 Technically, you shouldn't. Really, it's just GitHub saying, hey, we changed our private key, if you get the message that says something changed, that's all good and normal.
@mishasawangwan6652 1 year ago
@@helmchen1239 ah i misread your question. thank you for clarifying. anyway: let's say github's PK remained compromised. what does that mean for you as an enduser? that depends. maybe no impact at all but maybe it means they steal your code, CC or PII etc.. what if you're an enterprise? a bad actor _could_ do this with github's key because this private key is what identifies github as an entity. steal someones identity and.. well.. i think you get it by now :)
@gaureesha9840 1 year ago
ssh should also start supporting certificates similar to https.
@drescherjm 1 year ago
I had to regenerate my keys to connect.
@azrif6663 1 year ago
even if the github server private key were compromised, the attacker still need your public key in order to decrypt the content. your public key were stored in github when you wanted to setup your ssh configuration before being able to use ssh feature. the problem is if github compromised private key’s public key is added to its own “known_host”. then good luck to us all connected clients.. which i think it’s quite likely to be hence why they regenerated new key pair.
@brod515 1 year ago
what do you mean by "the problem is if github compromised private key’s public key is added to its own “known_host”." I don't undestand that
@lariskovski 1 year ago
the attacker wouldn’t need your public key stored on github. that key is for authentication purposes. the messages sent from client to server are encrypted using github’s public key. therefore, yes, the attacker could decrypt it using the leaked private key.
@azrif6663 1 year ago
You are right. I forgot that RSA is less secure since it encrypt the message with the recipient public key and recipient only need to decrypt it with its private key. Compared to - encrypt with both sender private key and recipient public key - and - decrypt with both sender public key and recipient private key.
@MrSquishles 1 year ago
if someone dns poisons your connection to github then they can supply chain attack you with bad upstream code... but that's it and unless you're like working in a bunker no one would bother and you're probably not pushing to github.
@rogo7330 1 year ago
If TLS private key would be pushed it gonna be even bigger disaster, because it's gonna ruin the entire trust chain.
@tarat.techhh 1 year ago
very useful
@dvo66 1 year ago
Github laid off entire engineer workforce from India. was the team responsible? Or is the new team not good enough ?
@everyhandletaken 1 year ago
!In Microsoft we trust.
@paulstelian97 1 year ago
SSH will forcibly fail if there is a MISMATCH, not just a missing key.
@television9233 1 year ago
That warning is annoying Github should have communicated to the users in a better way
@KarimBenabd 1 year ago
Twitter, then Facebook and who is next?! Is this an agenda?
@daruiraikage 1 year ago
what does this mean? do i have to change my gh password? im too illiterate, please break it down for me.
@complexity5545 1 year ago
Microsoft at it again.
@yuannow 1 year ago
sshhh! It's a secret.
@georged8644 1 year ago
I've never trusted the damn thing so this completely predictable error doesn't affect me at all.
@jakeave 1 year ago
I totally saw this and I ended up making a new key and deleting the old one anyway.
@andythedishwasher1117 1 year ago
That sounds entirely correct and it is terrifying. However, it probably will mean a big spike in available work for security pros. Sounds like I picked an excellent time to start studying for sec+
@kiattim2100 1 year ago
This is gonna be a headache.
@avengersspider-qt5xh 1 year ago
@github your key leaked
@disdroid 1 year ago
Is there a way to delete from GitHub?
@LiEnby 10 months ago
yes you can git rebase then force push
@disdroid 10 months ago
@@LiEnby so that will remove my .htpasswd from the repo? Cool thanks
@GARYLLOYD999INSTAGR 1 year ago
Tomorrow and forever
@HUEHUEUHEPony 1 year ago
you don't get asked passwords if you connect through ssh
@1337kaas 1 year ago
Password authentication is still a thing in SSH. Yes public key authentication is possible but so are other methods. Depending on the server configuration
@ttrss 1 year ago
(personal git server)
@kenny-ze8eg 6 months ago
I can tell a huuuge and very confusing story that I still don't quite understand fully because nobody will help me lmao. And last time I called for help from what I thought was microsoft. But. Making more and more sense the more I dig. But still don't know linux nor can I get all this shit fixed. :/
@kenny-ze8eg 5 months ago
So still no actual help for the person affected. They just sit back at watching. It's destroyed my entire network and every computer on it. Had just started to try to learn linux. But now I'm in some type of botnet and still no help. No questions on how i got to this spot. Nothing. So they accidentally push their private code TO me. Then I accidentally run the script as root. But had to use linux because the ransomware Microsoft group I called way back in January of 2022 took my Microsoft pcs. Nobody would help me back then unless I paid thousands. Find this program MedicatUSB and accidentally run that as root because I followed different videos. And it was crammed in my head to run things as root. So basically it's destroyed my entire network and every pc I had and also ruining every PC I go around.
@kenny-ze8eg 4 months ago
I'm still watching this every day trying to see if anything clicks that hasn't before. And I'm still like. Okay my authorization is still failing because it says self signed certificates. And shows a "intercept.ha" after all of this and I find that Wireshark network and I'm still like.... "how bad IS this..?" When I posted on the github community forums I got blocked. But surely... they see by now I wasn't lying about what I had been saying. Hope nobody else has to go through all this. Because they screwed me over pretty bad. The engineering team that is.
@Rare_K_ 1 year ago
let's be real if you login to github & push stuff to private repos, are you really going to do it with starbucks wifi, where anyone could be looking at your screen anyway, and the router could be compromised by 1000 different ways?
@catcatcatcatcatcatcatcatcatca 1 year ago
plenty of people work in starbucks, pushing code to their private repo. However they probably use at least VPN, and if the key wasn’t leaked the strict checking would have prevented any man-in-the-middle attack that concerns SSH. You’d need more than a router to break SSH, for example the ability to run faster than the dev while carrying said devs laptop.
@harriehausenman8623 1 year ago
Why are you doing NIKE ads now? I hope you get at least well compensated.
@redrum4486 1 year ago
I was working in a new place and I couldn't get access to the box for 2 weeks because the admin was putting an extra space in my public key *facepalm*
@1337kaas 1 year ago
Classic
@yungifez 1 year ago
This couldn't have come at the worst time for me I just started a new job And it keeps breaking npm
@yungifez 1 year ago
@@dr5290 man, that day would be painful
@yungifez 1 year ago
@dr5290 this makes my panic worse 🤣🤣
@1337kaas 1 year ago
It's a 10 second fix...
@yungifez 1 year ago
@1337kaas i know But it still kept giving me errors Fixed now though
@katanasteel 1 year ago
It's fairly simple to replicate this scenario: 1 Ssh to a local host and accept the host key. 2 As root delete all the id_ from /etc/ssh private keys 3 restart sshd 4 logout and try to log back in
@skeletico 1 year ago
Dude, no one is using ssh nowadays, that's why the default behavior is https, try to make real content
@1337kaas 1 year ago
Are you living under a rock? In many organizations SSH is the norm for git clones. And every Linux remote server is managed through SSH...
@skeletico 1 year ago
@@1337kaas yeah... But this is about just one key, I'm sre, so I know what I'm talking about. Ssh is the norm mostly with self hosted git servers like gitlab, not GitHub. Also, what does every other Linux server has to do with this video? Stay on track dude
@1337kaas 1 year ago
@@skeletico well, you're saying nobody is using ssh nowadays which is just not true
@1337kaas 1 year ago
"Try to make real content" really? It's a great video with informative content about ssh host keys and you're passing it off as not real content. Have some more respect for the great content you are offered for free of charge.
@skeletico 1 year ago
@@1337kaas yeah, it's sensationalism, I usually think of content like actually proven facts as real content, my bad
@bdidue6998 1 year ago
I was wondering why I couldn't ssh out of the blue 😂