Ssh
Removing a Leaked SSH Key from Git History with BFG Repo-Cleaner
How to surgically remove an accidentally committed SSH private key from a Git repository's history using BFG Repo-Cleaner — the fast, focused alternative to git filter-branch
It happens to almost everyone, eventually.
You stage your changes, type git commit -am "wip", push — and a few minutes later realize that id_rsa (or .env, or credentials.json) was sitting in the working directory the whole time. The file is now in the remote, in every clone, in every CI cache, and worst of all: in the git history, where a simple git rm won’t touch it.
This post walks through fixing exactly that scenario with BFG Repo-Cleaner — a tool purpose-built for ripping unwanted blobs out of git history.
SSH Hardening: 9 Techniques That Cut 50,000 Monthly Attacks to Almost Zero
Practical SSH hardening guide with nine production-tested techniques to dramatically reduce brute-force attacks and secure your servers
Last January, I sat down to review a server’s auth logs and felt a familiar knot in my stomach.
Over 50,000 failed SSH login attempts — in a single month. Bots methodically hammering port 22 with common credentials, dictionary wordlists, and leaked password databases. Just waiting for one mistake.
That audit changed how I think about SSH security. Not as a checkbox, but as a discipline. What follows are the nine hardening techniques I’ve since applied across dozens of production servers. Not theoretical guidelines — actual configurations with real, measurable outcomes.
Convert openssh keys to rsa keys
Convert openssh keys to rsa keys
Convert openssh keys to rsa keys
from something that starts with
-----BEGIN OPENSSH PRIVATE KEY-----
to something that starts with
-----BEGIN RSA PRIVATE KEY-----