webfactory/ssh-agent (webfactory/ssh-agent)
### [`v0.8.0`](https://togithub.com/webfactory/ssh-agent/releases/tag/v0.8.0): SSH host keys no longer managed – read below 👇
[Compare Source](https://togithub.com/webfactory/ssh-agent/compare/v0.7.0...v0.8.0)
Starting with this release, this action no longer writes GitHub's SSH host keys into the `known_hosts` SSH config file upon start.
GitHub changed their host keys on short notice this morning, see https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. We took this as an opportunity to stop maintaining GH SSH keys in the code shipped with this action ([#171](https://togithub.com/webfactory/ssh-agent/issues/171)).
What you need to do:
- On GitHub hosted runners, nothing. ✔︎ These runners ship with SSH host keys (for `github.com`) maintained by directly by GitHub.
- On self-hosted runners, review and fix your SSH `known_hosts` file:
- First, you'll find it bloated with redundant entries for `github.com`, as described in [#106](https://togithub.com/webfactory/ssh-agent/issues/106). Remove these entries.
- Review https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. You probably removed the old (invalid) SSH key in the previous step.
- Configure GitHub's current SSH keys as documented on https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints
- As long as versions before `v0.8.0` of this action here are run on the self-hosted runner, the old entries will come back. Keep an eye on it, possibly you'll have to rinse & repeat.
##### Other code changes in this release
- Update to `actions/checkout@v3` by [@mpdude](https://togithub.com/mpdude) in [https://github.com/webfactory/ssh-agent/pull/143](https://togithub.com/webfactory/ssh-agent/pull/143)
- Allow the user to override the commands for `git`, `ssh-agent`, and `ssh-add` by [@DilumAluthge](https://togithub.com/DilumAluthge) in [https://github.com/webfactory/ssh-agent/pull/154](https://togithub.com/webfactory/ssh-agent/pull/154)
##### New Contributors
- [@prhiggins](https://togithub.com/prhiggins) made their first contribution in [https://github.com/webfactory/ssh-agent/pull/153](https://togithub.com/webfactory/ssh-agent/pull/153)
- [@kjarkur](https://togithub.com/kjarkur) made their first contribution in [https://github.com/webfactory/ssh-agent/pull/147](https://togithub.com/webfactory/ssh-agent/pull/147)
- [@DilumAluthge](https://togithub.com/DilumAluthge) made their first contribution in [https://github.com/webfactory/ssh-agent/pull/154](https://togithub.com/webfactory/ssh-agent/pull/154)
**Full Changelog**: https://github.com/webfactory/ssh-agent/compare/v0.7.0...v0.8.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
v0.7.0->v0.8.0Release Notes
webfactory/ssh-agent (webfactory/ssh-agent)
### [`v0.8.0`](https://togithub.com/webfactory/ssh-agent/releases/tag/v0.8.0): SSH host keys no longer managed – read below 👇 [Compare Source](https://togithub.com/webfactory/ssh-agent/compare/v0.7.0...v0.8.0) Starting with this release, this action no longer writes GitHub's SSH host keys into the `known_hosts` SSH config file upon start. GitHub changed their host keys on short notice this morning, see https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. We took this as an opportunity to stop maintaining GH SSH keys in the code shipped with this action ([#171](https://togithub.com/webfactory/ssh-agent/issues/171)). What you need to do: - On GitHub hosted runners, nothing. ✔︎ These runners ship with SSH host keys (for `github.com`) maintained by directly by GitHub. - On self-hosted runners, review and fix your SSH `known_hosts` file: - First, you'll find it bloated with redundant entries for `github.com`, as described in [#106](https://togithub.com/webfactory/ssh-agent/issues/106). Remove these entries. - Review https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. You probably removed the old (invalid) SSH key in the previous step. - Configure GitHub's current SSH keys as documented on https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints - As long as versions before `v0.8.0` of this action here are run on the self-hosted runner, the old entries will come back. Keep an eye on it, possibly you'll have to rinse & repeat. ##### Other code changes in this release - Update to `actions/checkout@v3` by [@mpdude](https://togithub.com/mpdude) in [https://github.com/webfactory/ssh-agent/pull/143](https://togithub.com/webfactory/ssh-agent/pull/143) - Allow the user to override the commands for `git`, `ssh-agent`, and `ssh-add` by [@DilumAluthge](https://togithub.com/DilumAluthge) in [https://github.com/webfactory/ssh-agent/pull/154](https://togithub.com/webfactory/ssh-agent/pull/154) ##### New Contributors - [@prhiggins](https://togithub.com/prhiggins) made their first contribution in [https://github.com/webfactory/ssh-agent/pull/153](https://togithub.com/webfactory/ssh-agent/pull/153) - [@kjarkur](https://togithub.com/kjarkur) made their first contribution in [https://github.com/webfactory/ssh-agent/pull/147](https://togithub.com/webfactory/ssh-agent/pull/147) - [@DilumAluthge](https://togithub.com/DilumAluthge) made their first contribution in [https://github.com/webfactory/ssh-agent/pull/154](https://togithub.com/webfactory/ssh-agent/pull/154) **Full Changelog**: https://github.com/webfactory/ssh-agent/compare/v0.7.0...v0.8.0Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.