Skip to content

Commit

Permalink
docs(README): clarify that GH-hosted runners DNS resolv. do not alway…
Browse files Browse the repository at this point in the history 
…s validate DNSSEC
  • Loading branch information
@AlexTMjugador
AlexTMjugador committed Feb 6, 2025
1 parent 710e735 commit bf4939c
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 11 deletions.
4 changes: 2 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,8 +237,8 @@ which can be set in the repository settings.
> name. When using a DNSSEC-aware resolver with DNSSEC-protected SSHFP records
> in place, the `-o 'VerifyHostKeyDNS=yes'` SSH client option is enough to
> automatically and securely authenticate the host key. GitHub-hosted runners
> have been experimentally confirmed to use a DNSSEC-aware resolver that works
> well for SSHFP record validation.
> have been experimentally sighted to sometimes use a DNSSEC-aware resolver that
> works well for SSHFP record validation.
>
> Another similarly secure but simpler to set up approach involves adding the
> expected host key beforehand to the `/etc/ssh/ssh_known_hosts` or
Expand Down
18 changes: 9 additions & 9 deletions dist/main/index.js
View file

Large diffs are not rendered by default.

0 comments on commit bf4939c

Please sign in to comment.