GitKraken Blog

Releasing the Power of Git

Keif fixing issues for GitKraken users

Weak SSH Key Generation Fix in GitKraken v8.0.1

If you are using GitKraken versions 7.6.x, 7.7.x, or 8.0.0, this article explains what steps you can take to maintain secure SSH key connections to remote repositories on GitHub, GitLab, Bitbucket, and Azure DevOps.  

How to Fix the Weak SSH Key Issue

This issue only affects GitKraken users who generated SSH keys through the GitKraken interface using versions 7.6.x, 7.7.x,  8.0.0. If you are not sure what version you used to generate your SSH key, we encourage you to renew your key through the following process.

Affected users need to:

  1. Remove all old GitKraken-generated SSH keys stored locally. 

  2. Generate new SSH keys using GitKraken 8.0.1, or later, for each of your Git service providers. 

Follow these instructions to generate and connect an SSH key in GitKraken for:


If you have any questions or concerns, please contact our support team at support@gitkraken.com

More Information About the Issue

In late September, the GitKraken team discovered a flaw in the open source SSH key generation library that was implemented in versions 7.6.x, 7.7.x, 8.0.0, released between 5/12/21 and 9/27/21. This flaw resulted in a weaker form of public SSH keys being created. Weak keys are created with low entropy, meaning there is a higher probability of key duplication.

The GitKraken engineering team has fixed this issue as of version 8.0.1 by replacing the previous SSH key generation library with a new one. Note: Users who have upgraded to version 8.0.1 or later will still need to replace their GitKraken generated keys if they were generated in the affected versions. 
The team also contacted Git hosting service providers GitHub, Bitbucket, GitLab, and Azure DevOps to alert them to the issue. Working closely with all of these providers, we invalidated the weak public keys that were in use. Where possible, the affected keys are now permanently blocked by the Git hosting service providers.

We will continue to work toward the highest security standards possible for all of our users. 

Like this post? Share it!

Share on facebook
Share on twitter
Share on linkedin

Read More Articles

WordPress + GitHub

Learn how to work with WordPress, GitHub, and GitKraken to get the benefits of using Git for WordPress, including how to install a WordPress GitHub plugin.

Read More »
git-vs-svn

Git vs SVN

When deciding between Git vs SVN, there are a few things to compare, like Git and SVN commands and industry adoption (over 95% of developers worldwide are using Git).

Read More »

Git for Teams

See the powerful GitKraken team features that enable better workflows in Git for teams, including merge conflict detection and resolution and Git pull request management.

Read More »

Make Git Easier, Safer &
More Powerful

with GitKraken