Cyber Defense Advisors

SSH Error — Github or AWS CloudFormation?

SSH Error — Github or AWS CloudFormation?

While trying to access the Github meta API to get the list of CIDRs associated with GitHub and put them into an AWS Prefix List I randomly got this error.

verfiable_password_authentication…

falsessh_key_fingerprints

The thing is, my code never changed when I got this error. I had run the same code a number of times. After I got this error I ran the same code again and never saw the error again.

“Cidr:” in the error message above seemed to be part of the AWS template code I was trying to generate. I was not using any authentication to get to GitHub. I was using SSH to get into an EC2 instance, however the code from there was just using HTTPS to get to GitHub.

Nothing came up for the exact phrases above in the error message when I searched on Google so initially I thought this is internal code at either GitHub as part of their meta API service or AWS CloudFormation.

Then I remembered that I had seen part of one of those strings in the GitHub meta API I was looking at:

https://api.github.com/meta

So there we have:

verfiable_password_authentication

But not:

falsessh_key_fingerprints

But if you look at the above we do have:

“ssh_key_fingerprints”

So somehow the “false” got inserted in the wrong place.

And “Cidr” is coming from the CloudFormation template I was trying to auto-generate.

So perhaps there was some kind of parsing problem that caused the text from the GitHub API to be managed and merged into the CloudFormation template I was generating.

That error above seems like a YAML parsing error so somehow more data was pulled from GitHub than expected. How that happened, I am not exactly sure. The API call brings down some data from GitHub and then filters out only what I need but it seemed like the whole file was pulled in rather than the subset of data I needed.

I had a separate bash function that pulls down that data so the only thing I could think of was a multi-threading error in the AWS Linux OS where the first function didn’t finish processing before the second in what should be a single-threaded application.

At any rate, I never saw the error again after that one time.

Teri Radichel

If you liked this story please clap and follow:

Medium: Teri Radichel or Email List: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests services via LinkedIn: Teri Radichel or IANS Research

© 2nd Sight Lab 2022

____________________________________________

Author:

Cybersecurity for Executives in the Age of Cloud on Amazon

Need Cloud Security Training? 2nd Sight Lab Cloud Security Training

Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.

Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.

Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts

SSH Error — Github or AWS CloudFormation? was originally published in Bugs That Bite on Medium, where people are continuing the conversation by highlighting and responding to this story.

Related Post

  • by
  • September 19, 2024

This Windows PowerShell Phish Has Scary Potential

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who

Cyber News
  • by
  • September 19, 2024

FBI Shuts Down Chinese Botnet

The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types

Cyber News
  • by
  • September 19, 2024

New Brazilian-Linked SambaSpy Malware Targets Italian Users via

A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected

Cyber News
  • by
  • September 19, 2024

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS)

Cyber News