Private rule feed authentication

Sublime uses SSH to authenticate to private rule feeds.

๐Ÿ“˜

SSH URL Required

When adding a rule feed using SSH authentication to Sublime, you must use the SSH URL for the repository.

โœ… [email protected]:sublime-security/sublime-rules.git

โŒ https://github.com/sublime-security/sublime-rules.git

Adding an SSH key

GitHub

  1. Generate a new SSH key
  2. Add the new SSH key to either your GitHub account or as a deploy key for the private repository containing your feed

GitLab

  1. Generate a new SSH key
  2. Add the SSH key to your GitLab account

Known host public key

When adding a private feed to Sublime, you can optionally provide a known host public key as extra protection against configuration errors and man-in-the-middle attacks. An SSH connection will fail if the public keys don't match.

Use ssh-keyscan to look up the public key for your Git server. For example, ssh-keyscan github.com will provide GitHub's current public key of:

ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=