Home/ Questions/Q 7513439
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T00:11:18+00:00

I tried pushing onto a git repo on my server, so I thought I

  • 0

I tried pushing onto a git repo on my server, so I thought I did something like this

git remote add games@games.com

When I should have done

git remote add games@gamesThatAreFunEtc.com

Anyway I thought it was weird that it asked for my password but not realizing what was happening I gave it. I think the site also got my private key as it probably tried to use my key in ~/.ssh first.

Should I now change my password and/or rsa key? Does doing something like that log an incorrect password attempt with the incorrect pass or the rsa key? Should I worry that if it does, the owner of the site will try to break into my site?

Also as it’s not obvious from the login attempt what my site name actually is, am I fretting for nothing? Can I assume he won’t try every combination of domains that start with games

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    First of all, it’s good that you noticed your error and that you care enough to ask this question here. I’d assume most people would get back to business and not worry.

    • your RSA key is safe, as it is only used in a challenge-response query to verify if it matches any saved public keys, it is not transmitted to the server
    • you should change your password, as a malicious server could have logged it

    You probably don’t have to worry about the owner of the site breaking into yours. Usually ssh-server do not log passwords. I would change my password anyway, just to be safe.

    In the future, try to heed the warnings ssh gives you (in your case probably a missing known_hosts entry) and take them seriously instead of mindlessly pressing ‘yes’.

    • 0