The corresponding fingerprints are: 256 SHA256:FC73VB6C4OQLSCrjEayhMp9UMxS97caD/Yyi2bhW/J0 (ECDSA)Ģ56 SHA256:ybgmFkzwOSotHTHLJgHO0QN8L0圎rw6vd0VhFA9m3SM (ED25519) RSA host key rotation
Ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO On 2300 UTC we added two new host keys using the ECDSA and Ed25519 algorithms: ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= Bala Sathiamurthy, CISO/Head of Security WHAT'S CHANGING New host keys added
Your security is always our top priority, and we believe that acting proactively is the best approach. We understand that rotating host keys can be disruptive. I want to assure you that a threat actor cannot use the old host keys to directly access your data on Bitbucket Cloud, or to access your private SSH keys. If we did not change the host keys it might have been possible in the future for a threat actor to potentially use the old host keys in combination with an already compromised network to trick clients into connecting to and trusting a malicious host. Though we believe the risk of compromise is low, by rotating the host keys proactively we are mitigating future risk should the old host keys be decrypted. Please review this blog and complete the applicable steps outlined below as soon as possible.
In response, Bitbucket issued two new SSH host keys today and will be replacing the current host keys on June 20, 2023. The SSH protocol uses host keys to establish the identity of a trusted server for every SSH connection, like when a git pull establishes a SSH connection to Bitbucket Cloud. Hello Bitbucket Cloud users, We recently learned that encrypted copies of Bitbucket’s SSH host keys were included in a data breach of a third-party credential management vendor.
0 kommentar(er)
