1

I want to add GitHub to my computer's list of acceptable SSH hosts for a coding boot camp that I will be taking soon. The boot camp says that I need to do so via GitHub's RSA public key fingerprint. However, I keep getting GitHub's ED25519 public key fingerprint instead. Is there any way to fix this?

I used this code in GitBash:

ssh -T git@github.com

Each time I do, I receive this:

The authenticity of host 'github.com (140.82.113.3)' can't be established.
ED25519 key fingerprint is SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?

The boot camp I am taking a part of says not to accept unless I get the following public key fingerprint:

SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8

What should I do to get the RSA public key fingerprint above?

Alyssa
  • 11
  • 2
  • 2

1 Answers1

3

It used to be that GitHub offered only RSA and DSA keys as host keys. However, that changed recently, and GitHub now offers ECDSA and Ed25519 keys as well (and has removed the DSA key). On a fresh system, the latest versions of OpenSSH will prefer the Ed25519 key over the RSA key, which is normal and fine.

The GitHub API meta endpoint lists both the correct fingerprints and the actual SSH keys themselves. From a cursory glance, you appear to have the correct fingerprint, but you can verify that by pasting the fingerprint from the API at the prompt.

There is no reason to force the use of an RSA key here, but if you really want to do so, you can run ssh -oHostKeyAlgorithms=rsa-sha2-512,rsa-sha2-256 -T git@github.com.

bk2204
  • 64,793
  • 6
  • 84
  • 100
  • Thank you so much! I will definitely try this when I get the chance and update on how it goes! Also, I personally have no preference on which key to use, but I don’t want to go against what my Boot Camp is requesting just in case they have a reason. Thank you though regardless! – Alyssa Apr 29 '22 at 19:31
  • 1
    I'm the person who [added that host key to GitHub](https://github.blog/2021-09-01-improving-git-protocol-security-github/), and I assure you there is no security or functionality problem using it. If you like, you can send them a nice email telling them I said they should update their course materials. But I fully appreciate and respect wanting to be careful. Best of luck on your boot camp. – bk2204 Apr 29 '22 at 19:38