Private rule feed authentication
Sublime uses SSH to authenticate to private rule feeds.
SSH URL Required
When adding a rule feed using SSH authentication to Sublime, you must use the SSH URL for the repository.
✅
[email protected]:sublime-security/sublime-rules.git❌
https://github.com/sublime-security/sublime-rules.git
Adding an SSH key
When creating an SSH key, make sure not to put a password on the key, since there is no way for Sublime to enter in the password. Don't worry though, the key is still encrypted in transit and at rest!
GitHub
- Generate a new SSH key
- Add the new SSH key to either your GitHub account or as a deploy key for the private repository containing your feed
GitLab
Known host public key
When adding a private feed to Sublime, you can optionally provide a known host public key as extra protection against configuration errors and man-in-the-middle attacks. An SSH connection will fail if the public keys don't match.
Use ssh-keyscan to look up the public key for your Git server. For example, ssh-keyscan github.com will provide GitHub's current public key of:
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
Updated 11 months ago