tfm@piefed.europe.pub to Programmer Humor@programming.devEnglish · 3 days agoNatural selection in ITisanybodyusingthisprivatekey.comexternal-linkmessage-square35linkfedilinkarrow-up1176arrow-down15file-text
arrow-up1171arrow-down1external-linkNatural selection in ITisanybodyusingthisprivatekey.comtfm@piefed.europe.pub to Programmer Humor@programming.devEnglish · 3 days agomessage-square35linkfedilinkfile-text
minus-squareNeatNit@discuss.tchncs.delinkfedilinkarrow-up29·3 days agoTo save anyone the trouble, here’s a key I’ve generated just now: -----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW QyNTUxOQAAACAqTGrNcWWZrKjDzAgG1KaCYAOOAoqSSQvvWVgUx7PdMgAAAJgzuRsTM7kb EwAAAAtzc2gtZWQyNTUxOQAAACAqTGrNcWWZrKjDzAgG1KaCYAOOAoqSSQvvWVgUx7PdMg AAAEC8jODzrMngnvJlMwtlhqwlI6qS42WlzSDADbEYaCsRzCpMas1xZZmsqMPMCAbUpoJg A44CipJJC+9ZWBTHs90yAAAAEXUwX2E0MzhAbG9jYWxob3N0AQIDBA== -----END OPENSSH PRIVATE KEY----- (and if I did it wrong enough, well, you can hack me but please let me know how I fucked up) Change any random character in there to see how the website reacts to a unique key. I changed an O to an o and it accepted it.
minus-squarer00ty@kbin.lifelinkfedilinkarrow-up20·3 days agoWait, that’s my key. Ohhh QIDBA not QADBX.
minus-squareNeatNit@discuss.tchncs.delinkfedilinkarrow-up19·3 days agoFWIW this is what I did: $ ssh-keygen -f fake_ssh_key (press Enter twice for no passphrase) and then: $ cat fake_ssh_key Which I then just copy-pasted from the terminal. Surely this can’t reveal anything about my other private keys, right?
minus-squareLucy :3@feddit.orglinkfedilinkarrow-up14·3 days agoYes. It only reveals stuff about your defaults, which should be ed25519 globally now anyway.
minus-squareA_norny_mousse@feddit.orglinkfedilinkarrow-up2arrow-down2·2 days agoWe know your unique machine ID now.
minus-squareNeatNit@discuss.tchncs.delinkfedilinkarrow-up2arrow-down1·2 days agoI’ll be impressed if you tell me what operating system I’m using.
To save anyone the trouble, here’s a key I’ve generated just now:
-----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW QyNTUxOQAAACAqTGrNcWWZrKjDzAgG1KaCYAOOAoqSSQvvWVgUx7PdMgAAAJgzuRsTM7kb EwAAAAtzc2gtZWQyNTUxOQAAACAqTGrNcWWZrKjDzAgG1KaCYAOOAoqSSQvvWVgUx7PdMg AAAEC8jODzrMngnvJlMwtlhqwlI6qS42WlzSDADbEYaCsRzCpMas1xZZmsqMPMCAbUpoJg A44CipJJC+9ZWBTHs90yAAAAEXUwX2E0MzhAbG9jYWxob3N0AQIDBA== -----END OPENSSH PRIVATE KEY-----(and if I did it wrong enough, well, you can hack me but please let me know how I fucked up)
Change any random character in there to see how the website reacts to a unique key. I changed an O to an o and it accepted it.
Wait, that’s my key. Ohhh QIDBA not QADBX.
FWIW this is what I did:
$ ssh-keygen -f fake_ssh_key(press Enter twice for no passphrase)
and then:
$ cat fake_ssh_keyWhich I then just copy-pasted from the terminal. Surely this can’t reveal anything about my other private keys, right?
Yes. It only reveals stuff about your defaults, which should be ed25519 globally now anyway.
We know your unique machine ID now.
I’ll be impressed if you tell me what operating system I’m using.