Closed
Description
In my company we use this action to build internal tools for the employees to use the binaries. Recently we started to use a private repo as a dependency and access it through deploy SSH keys on CI. This has worked well for lints/test/etc, but this action gives the following error:
Caused by:
error: SSH host key has changed for `github.com`
*********************************
* WARNING: HOST KEY HAS CHANGED *
*********************************
This may be caused by a man-in-the-middle attack, or the server may have changed its host key.
The RSA fingerprint for the key from the remote host is:
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s
You are strongly encouraged to contact the server administrator for `github.com` to verify that this new key is correct.
If you can verify that the server has a new key, you can resolve this error by removing the old ssh-rsa key for `github.com` located at C:\Users\runneradmin\.ssh\known_hosts line 6, and adding the new key to the `net.ssh.known-hosts` array in your Cargo configuration (such as C:\Users\runneradmin\.cargo\config.toml) or in your OpenSSH known_hosts file at C:\Users\runneradmin\.ssh\known_hosts
The key provided by the remote host is:
I am not sure how the known_hosts file is populated and I am wondering if this has to do with Github key rotation from last year: https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
Thanks a lot for your work and thanks in advance for any help on this :)