Hacker News new | ask | show | jobs
by theteapot 1181 days ago
> The private key was exposed in a public GitHub repo.

How do you know this?

Github runs scanner for private keys in public and private repos and notifies owner (I did it once so I know ... ;)). So some Github engineer likely would have received such an email if what you say is true. Hilarious.
3 comments
Veen 1181 days ago
It says exactly that in the article:

> This week, we discovered that GitHub.com’s RSA SSH private key was briefly exposed in a public GitHub repository

Hilarious.

link
theteapot 1181 days ago
I didn't read it fully before commenting. I'm sorry.
link
comprev 1180 days ago
If everyone read the entire article of each HN submission the comments section would be wildly different :-)
link
adrr 1181 days ago
I can’t see that could ever happen. Is the key just floating around on their employees computers and skeins accidentally committed it?
link
roblabla 1181 days ago
Maybe because the article says so?

> This week, we discovered that GitHub.com’s RSA SSH private key was briefly exposed in a public GitHub repository

link
3np 1181 days ago
From the OP:

> This week, we discovered that GitHub.com’s RSA SSH private key was briefly exposed in a public GitHub repository.

link