From 2c03c41cb1517d93179e4dd203cb942f2c674ae6 Mon Sep 17 00:00:00 2001 From: "Kyle J. McKay" Date: Sat, 17 Dec 2022 17:50:06 -0700 Subject: [PATCH] indextext.html: add notice about upcoming ssh host key change Mention the upcoming SSH host key replacement on the home page to hopefully minimize alarm. The original SSH host key used for ssh repository access since the beginning of repo.or.cz is no longer considered sufficiently secure and must be replaced since the most recent ssh clients will generally refuse to connect anymore in their default configuration. Include details about the ugly message that will be shown by the ssh client and the fingerprint of the new key that should match the fingerprint shown in the ssh client's error message. Signed-off-by: Kyle J. McKay --- gitweb/indextext.html | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/gitweb/indextext.html b/gitweb/indextext.html index 4d78640..6f1fdf9 100644 --- a/gitweb/indextext.html +++ b/gitweb/indextext.html @@ -6,6 +6,19 @@ } +
+

We'll be replacing our SSH host key within the next couple of days.
+We're doing this because the original ssh +host key in use since 2009 is no longer considered sufficiently secure.
+After this happens you will see a very ugly message +(WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!) when you access +any repositories using ssh.
+The error message will indicate which line of your "known_hosts" file +must be removed to get rid of the ugly message.
+The error message will also include a fingerprint for our new ssh key which is:

+

SHA256:2AcJJmsZTraK3zrIuA3cZtRJGFhd28iLEev7GLv+X2w

+
+

repo.or.cz is a public Git hosting site. Create a project in a snap, publish your development, give others push access and let anyone have a look and contribute. -- 2.11.4.GIT