GitHub ya ba da rahoton wani abin da ya faru wanda maɓallin keɓaɓɓen RSA da aka yi amfani da shi azaman maɓalli lokacin shigar da ma'ajiyar GitHub ta hanyar SSH cikin kuskure an buga shi zuwa wurin ajiyar jama'a. Ruwan ya shafa maɓallin RSA kawai, ECDSA da Ed25519 maɓallan SSH sun ci gaba da kasancewa amintacce. Maɓallin SSH da aka fallasa a bainar jama'a baya ƙyale samun dama ga kayan aikin GitHub ko bayanan mai amfani, amma ana iya amfani da shi don tsangwama ayyukan Git da aka yi ta hanyar SSH.
Don hana yiwuwar satar zaman SSH zuwa GitHub idan maɓallin RSA ya faɗi cikin hannun da ba daidai ba, GitHub ya ƙaddamar da tsarin maye gurbin maɓalli. A gefen mai amfani, goge tsohuwar maɓallin jama'a na GitHub (ssh-keygen -R github.com) ko maye gurbin maɓallin da hannu a cikin fayil ɗin ~/.ssh/known_hosts ana buƙatar, wanda zai iya karya rubutun da aka aiwatar ta atomatik.
source: budenet.ru