MQL5-Google-Onedrive/docs/SSH_KEY_INVESTIGATION_QUICK_REF.md
copilot-swe-agent[bot] d30677d1e8 Fix inconsistent link formatting in SSH investigation guide
Co-authored-by: Mouy-leng <199350297+Mouy-leng@users.noreply.github.com>
2026-02-18 02:11:41 +00:00

SSH Key Investigation - Quick Reference

For: @mouy-leng
Date: 2026-02-18
Status: ⚠️ Action Required

The SSH Key You Asked About

ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLjxGzOnZXj7/4tvo0PkaMFMYVzr+0lK2ZruE0FH4upnCFo//O140zhutN61/4qiDGD+ESsKTsUJil0q9o72dXQ=

Investigation Results

This key is NOT in the repository code
This key is NOT in the git history
This key is NOT in any configuration files

Where to Check Next

1. GitHub Deploy Keys (Most Likely Location)

This is probably a deploy key for automated deployments.

How to check:

  1. Go to: https://github.com/A6-9V/MQL5-Google-Onedrive/settings/keys
  2. Look for a key starting with "ecdsa-sha2-nistp256"
  3. Check the title/description to see what it's used for

If you find it:

  • Note what it's labeled as
  • Check if it has write access
  • Decide if you still need it

2. Your Personal GitHub SSH Keys

Check your personal SSH keys.

How to check:

  1. Go to: https://github.com/settings/keys
  2. Look through your SSH keys
  3. See if this ECDSA key is listed

If you find it:

  • Consider replacing it with Ed25519 (more secure)
  • See "Migration Steps" below

3. GitHub Actions Secrets

The private key might be stored as a secret.

How to check:

  1. Go to: https://github.com/A6-9V/MQL5-Google-Onedrive/settings/secrets/actions
  2. Look for secrets like:
    • SSH_PRIVATE_KEY
    • DEPLOY_KEY
    • PAGES_DEPLOY_KEY

If you find it:

  • Check which workflows use it
  • Determine if it's still needed

4. VPS/Server (If You Have One)

Check if it's authorized on any servers.

How to check:

# SSH into your VPS
ssh user@your-vps-ip

# Check authorized keys (this matches every ECDSA P-256 entry, not only the key above)
grep -n "nistp256" ~/.ssh/authorized_keys

If you find it:

  • Remove it if no longer needed:
    # Edit the file and delete the line with the key
    nano ~/.ssh/authorized_keys
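
GitHub's key settings pages list each key by its SHA256 fingerprint rather than its full text, and `grep "nistp256"` matches every ECDSA P-256 entry. The following added example (not part of the original guide) computes the fingerprint of the key under investigation and finds exact matches in an authorized_keys file; the function names and the sample file contents are constructed for illustration.

```python
import base64
import hashlib

# Public key under investigation, copied from this page.
TARGET = ("ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLjxGzOn"
          "ZXj7/4tvo0PkaMFMYVzr+0lK2ZruE0FH4upnCFo//O140zhutN61/4qiDGD+ESsKTsUJil0q9o72dXQ=")
KEY_TYPES = ("ssh-ed25519", "ssh-rsa", "ecdsa-sha2-", "sk-ssh-ed25519@", "sk-ecdsa-sha2-")


def key_blob(line):
    """Return the decoded key blob from a .pub or authorized_keys line, or None."""
    fields = line.split()
    for kind, b64 in zip(fields, fields[1:]):  # key may follow an options field
        if not kind.startswith(KEY_TYPES):
            continue
        try:
            blob = base64.b64decode(b64, validate=True)
        except ValueError:
            continue
        # A real blob begins with a 4-byte length and the same key type string.
        if blob[4:4 + int.from_bytes(blob[:4], "big")] == kind.encode():
            return blob
    return None


def fingerprint(blob):
    """SHA256 fingerprint in the form printed by `ssh-keygen -lf`."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def find_key(target_line, authorized_keys_text):
    """Return (line_number, line) for active entries holding exactly the target key."""
    target = key_blob(target_line)
    if target is None:
        raise ValueError("target is not a valid OpenSSH public key line")
    return [(n, line) for n, line in enumerate(authorized_keys_text.splitlines(), 1)
            if not line.lstrip().startswith("#") and key_blob(line) == target]


# Constructed sample: a different P-256 entry (last byte altered, not a real key)
# and the target key placed behind an options field.
_other = base64.b64encode(key_blob(TARGET)[:-1] + b"\x00").decode()
SAMPLE = "\n".join([
    "# constructed authorized_keys sample",
    "ecdsa-sha2-nistp256 " + _other + " ci@example.invalid",
    'no-pty,command="/usr/bin/true" ' + TARGET + " deploy@example.invalid",
])

if __name__ == "__main__":
    print(fingerprint(key_blob(TARGET)))  # compare with the fingerprint GitHub shows
    for number, line in find_key(TARGET, SAMPLE):
        print(f"line {number}: {line[:60]}...")
```

To check a real server, pass the contents of `~/.ssh/authorized_keys` to `find_key` in place of `SAMPLE`.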
    

What This Repository Currently Uses

The repository is already configured with a more secure Ed25519 key:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEeSLWKibLOYIOA794iClIT7WU/32N1BbfzHR8hopSGG jules@google.com

See SSH Setup Documentation for details.

Recommendations

If You Find the Key and Still Need It:

  1. Consider migrating to Ed25519 (more secure)
  2. Document its purpose in SSH_SETUP.md
  3. Store it in your password manager

If You Don't Need It Anymore:

  1. Remove it from GitHub (deploy keys or personal keys)
  2. Remove it from any VPS authorized_keys
  3. Remove it from GitHub Actions secrets
  4. No further action needed

If You Can't Find It:

  • It may have already been removed
  • No action needed

Migration Steps

If you want to replace this ECDSA key with a more secure Ed25519 key:

# 1. Generate new Ed25519 key
ssh-keygen -t ed25519 -C "mouy-leng@example.com" -f ~/.ssh/id_ed25519_mouy

# 2. Display the public key
cat ~/.ssh/id_ed25519_mouy.pub

# 3. Add to GitHub
# Copy the output and add it at: https://github.com/settings/keys

# 4. Test the connection with the new key
ssh -i ~/.ssh/id_ed25519_mouy -T git@github.com

# 5. Remove the old ECDSA key from GitHub

Need Help?

See the full investigation report: docs/SSH_KEY_AUDIT.md

Summary

What we found: The SSH key is NOT in the repository
What you need to do: Check GitHub settings (deploy keys and personal keys)
Why it matters: Security best practice is to remove unused keys
Recommendation: Migrate to Ed25519 if still needed


Created by: GitHub Copilot Agent
Full Report: See docs/SSH_KEY_AUDIT.md