13 October 2021

Microsoft, GitHub, GitLab, and BitBucket revoke insecure SSH keys


Microsoft, GitHub, GitLab, and BitBucket revoke insecure SSH keys

Microsoft Azure DevOps, GitHub, GitLab, and BitBucket, four of the largest code hosting portals to date, have all issued a mass recall of SSH keys following a report about a vulnerability in GitKraken, a popular Git software client.

The decision to revoke SSH keys was made after GitKraken engineering team contacted Git hosting service providers about the issue. The bug, which was discovered in late September by the GitKraken team, resides in the open source SSH key generation library that was implemented in GitKraken versions 7.6.x, 7.7.x, 8.0.0, released between 5-12-21 and 9-27-21.

The vulnerability exists due to an error in the pseudo-random number generator used by keypair to generate RSA keys for SSH connections. A remote attacker can generate duplicate SSH keys and gain unauthorized access to the affected systems.

The vulnerability was fixed with the release of GitKraken 8.0.1. However, the GitKraken team has warned that users who upgraded to a new version will still need to replace their GitKraken generated keys if they were generated in the affected versions.

Users who are not sure what version they used to generate their SSH key, are recommended to renew the key by doing the following:

1. Remove all old GitKraken-generated SSH keys stored locally.

2. Generate new SSH keys using GitKraken 8.0.1, or later, for each of your Git service providers.


Back to the list

Latest Posts

Cyber security week in review: August 5, 2022

Cyber security week in review: August 5, 2022

The cybersecurity world in brief: Two crypto platforms targeted in multimillion-dollar attacks, hackers exploited an Atlassian Confluence bug to install a never-before-seen backdoor, and more.
5 August 2022
Threat actors exploit Atlassian Confluence bug to install a never-before-seen backdoor

Threat actors exploit Atlassian Confluence bug to install a never-before-seen backdoor

Ljl Backdoor is a fully-featured malware designed to gather files and user accounts, as well as system information.
4 August 2022
Thousands of Solana wallets drained in yet another multimillion exploit

Thousands of Solana wallets drained in yet another multimillion exploit

More than 8,000 wallets have been affected in the hack.
3 August 2022