I recently got an e-mail from Github saying that I should review my SSH key:
Please review your keys and ensure you recognize them. If you have any doubts whatsoever, reject the keys and upload new keys.
How do I review my keys with git on ubuntu 11.10?
You can follow the GitHub guide "Reviewing your SSH keys"
To verify your SSH keys you need to find the fingerprint of each key on your computer and compare it to the fingerprint displayed on GitHub.
What’s a Fingerprint?
An SSH key’s fingerprint is a sequence of bytes unique to that key.
Fingerprints are usually encoded into hexadecimal strings and formatted into groups of characters for readability.
We display SSH key fingerprints on GitHub along with the key’s title:
From there, for Ubuntu, you can refer to "How do I find my RSA key fingerprint on ubuntu 10.04 (hosted by linode)" (-l here means to "list" instead of create).
$ ssh-keygen -E md5 -lf ~/.ssh/id_rsa.pub
-E md5 to the example command? Github shows fingerprints in md5 format, but newer ssh-keygen now defaults to sha256.You can also use https://github.com/username.keys (I used my keys as a demo URL).
If you have a bunch of keys to compare with the GitHub fingerprint this line comes in handy:
cd ~/.ssh; for k in *.pub; do ssh-keygen -E md5 -lf $k; done
Try to push / pull to one of your own repositories on github. A message will appear that the current key is not authorized. In addition is the SSH fingerprint of the current computer and a link displayed where it is possible to review your keys. Follow the link and mark the SSH key from your computer as approved.
