![]() In a blog post on Monday, Axosoft explained that versions 7.6.x, 7.7.x, and 8.0.0 of its GitKraken app used a library named " keypair" to generated SSH keys to allow developers to connect their GitKraken app to accounts on Azure DevOps, GitHub, GitLab, BitBucket, or other remote Git source code hosting servers.īut Axosoft said that older versions of this library generated RSA keys with low entropy, meaning that attackers could use the library, under certain conditions, to generate duplicate SSH keys. The mass revocations come at the request of Arizona-based software company Axosoft, which developed GitKraken and is the one who found the security flaw in its own software. Microsoft, GitHub, GitLab, and BitBucket -four of today's largest code hosting portals- have initiated mass revocations of SSH keys on Monday after the discovery of a vulnerability in a popular Git software client named GitKraken. Same for extra links.Azure, GitHub, GitLab, BitBucket mass-revoke SSH keys following bug report PS: Sorry that I can't embed images directly into my answer, not enough karma for that yet. If you wanted to use the command line to change the URL you can run the git-bash equivalent to git remote set-url from within the repo's root directory. Without Pagent you can only use one key at a time and change the settings when you need to change keys. In Windows if you aren't using Pagent (from PuTTY) then you shouldn't select "use local agent" in GitKraken. switch these from to these steps are done then you can start changing GitKraken's ssh settings. This will open a sub-window that that will have two text boxes you can edit.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |