This happened because on the 24th of March 2023, GitHub updated their RSA SSH host key used to secure Git operations for GitHub.com because the private key was briefly exposed in a public GitHub repository. You will get that message if you had remembered GitHub’s previous key fingerprint in your SSH client before that date.
As per per the linked blog post, the solution is to remove the old key by running this command:
$ ssh-keygen -R github.com
Now the next git
connection (pull, push or clone) should ask if you trust the new SSH key. Before entering yes
, ensure the shown new key is valid, using the list:
Refer to the blog post for other ways to fix the issue.