security ⁽³⁾

What are PATs? Personal access tokens are an alternative to using passwords for authentication to GitHub when using the GitHub API or the command line. Personal access tokens are intended to access GitHub resources on your behalf. To access resources on behalf of an organization,…

Today I came across these steps to guide our decision-making process, before using a 3rd Part GitHub Action:

Did you know that your ssh Client sends the server all your public keys, one by one, until the server accepts one, when you try to authenticate via public key? Don't believe me? Try it out yourself: ssh whoami.filippo.io Someone could use this to find…