I just received an email saying "A new public key was added to your account". I checked my GitHub account and saw two keys - one was added by me several weeks ago from my Ubuntu machine, and one was added today from a Windows machine. This is a machine that I once worked on using the GitHub client for Windows, but I haven't entered it for several weeks now.
My questions are:
In the upper-right corner of any page, click your profile photo, then click Settings. In the "Access" section of the sidebar, click SSH and GPG keys. On the SSH Settings page, take note of the SSH keys associated with your account. For those that you don't recognize, or that are out-of-date, click Delete.
With SSH keys, you can connect to GitHub without supplying your username and personal access token at each visit. You can also use an SSH key to sign commits. You can access and write data in repositories on GitHub.com using SSH (Secure Shell Protocol).
SSH keys come in pairs, a public key that gets shared with services like GitHub, and a private key that is stored only on your computer. If the keys match, you're granted access. The cryptography behind SSH keys ensures that no one can reverse engineer your private key from the public one.
There was an attack on GitHub recently and they've taken some measures, so the new key can be the attackers' one or it can be set by GitHub (I can't say). The best you can do is remove your keys and passwords and replace them with new ones immediately.